From 2737cef248d2ea0c5ed1f420697a3d17532fbd99 Mon Sep 17 00:00:00 2001
From: Razvan Dimescu <ssaricu@gmail.com>
Date: Thu, 9 Apr 2026 12:54:01 +0300
Subject: [PATCH] fix: correct AUR SSH host key fingerprint

The previously pinned ed25519 key was truncated (52 chars) and did not
match the actual aur.archlinux.org host key. Verified via ssh-keyscan.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/publish-aur.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/publish-aur.yml b/.github/workflows/publish-aur.yml
index cab44f9..03831c9 100644
--- a/.github/workflows/publish-aur.yml
+++ b/.github/workflows/publish-aur.yml
@@ -99,7 +99,7 @@ jobs:
         run: |
           mkdir -p ~/.ssh
           # Official AUR Ed25519 fingerprint (prevents Man-in-the-Middle attacks).
-          echo "aur.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEu46S9S6YfBD5C8GeOBip8Z11+4" >> ~/.ssh/known_hosts
+          echo "aur.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEuBKrPzbawxA/k2g6NcyV5jmqwJ2s+zpgZGZ7tpLIcN" >> ~/.ssh/known_hosts
 
           # Use ssh-agent to keep the private key in memory rather than writing it to disk.
           eval $(ssh-agent -s)