5Ara
Is it safe to check-in a RSA private key?
As far as I know, it is bad to check-in something like a password in a version control system. However, I saw in a project that a private_key.pem
file with -----BEGIN RSA PRIVATE KEY----- ...
content is checked in. For me this smells like a security issue.
Is it a security issue?