--On Monday, January 01, 2024 1:01 PM +0100 lejeczek via CentOS
<centos at centos.org> wrote:
> -> $ ssh box5.proxmox.mine hostname -i
> 10.3.1.78
>
> -> $ ssh box5 hostname -i
> Warning: the RSA host key for 'box5' differs from the key for the
IP
> address '10.3.1.78'
> Offending key for IP in /root/.ssh/known_hosts:2
> Matching host key in /etc/ssh/ssh_known_hosts:2
> Are you sure you want to continue connecting (yes/no)? yes
> 10.3.1.78
>
> This is same one host I _ssh_ to.
> Is this purely _ssh_ and way to fix it would be 'configuration' or
> perhaps (ssh &) something else?
> I don't quite get what exactly is happening here.
When you create a new ssh host (ie. run sshd) for the first time, a host
key is created that uniquely identifies the host. When a client connects to
that host for the first time, it caches that key in its ssh_known_hosts
file. It's just a line of text with the host name (or IP address if no
name)and its key. If the client later connects and discovers a different
key, that's a clue that someone is trying to scam you and pretend to be
that trusted host. If you know the host is ok, then something changed its
key. The simple fix for that is to remove any lines in ssh_known_hosts for
that host and let the client re-learn the new key. But be sure you're
really connecting to the host you think you're connecting to. On a
corporate network, an evil machine might be using ARP spoofing to pretend
to be the IP you want.