I likewise notifced this. A similar situation happend back in July and
the offered key has the same fingerpint is identical. I''ve quoted the
explanation from the previous occurrence below:
By way of explanation: I run a separate sshd for the anoncvs
service and I forgot to restart it, so connections were
falling through to the wildcard-bound main sshd.
On Mon, Nov 04, 2013 at 18:57:29 +0000, mancha wrote:> Hello. While syncing OpenSSH portable CVS I received:
>
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle
> attack)!
> It is also possible that a host key has just been changed.
> The fingerprint for the ECDSA key sent by the remote host is
> d0:46:24:c1:63:cf:6b:f2:e3:33:3d:15:62:08:53:72.
> Please contact your system administrator.
> [EDIT]
> ECDSA host key for anoncvs.mindrot.org has changed and you have
> requested strict checking.
> Host key verification failed.
>
> Please confirm/deny the key change.
>
> --mancha
>
> PS If this change is valid, can you please give details on how
> to track these changes in the future?
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
--
Iain Morgan