I have a repo that is currently private, but may eventually be public. In the CircleCI config, I have a snippet which adds a private SSH key via the
add_ssh_keys item, e.g.:
steps: - add_ssh_keys: fingerprints: - "00:11:22:33:44:55:66:77:88:99:00:11:22:33:44:55"
I was wondering whether it’s safe to have the fingerprint publicly accessible, given its a private key, and uses MD5 for its hash. My assumption is yes, it’s safe, but want to confirm, before heading down an alternate route.