UpdateHostkeys now enabled by default

Damien Miller djm at mindrot.org
Mon Oct 5 10:18:07 AEDT 2020


On Sun, 4 Oct 2020, Matthieu Herrb wrote:

> thanks for the patch, unfortunatly it doesn't solve the issue. ssh is
> still claiming that the ecdsa key present in known_hosts differs from
> the ed25519 key.
> And if I answer yes to the question known_hosts is not updated.
> 
> The way to fix this is still to remove the ecdsa key from
> known_hosts manually.

Please try removing the ssh-ed25519 key from known_hosts (leaving just
the ECDSA lines for name and IP) and try connecting with my patch. IMO
the problem is that unpatched ssh forgot to write a known_hosts entry
for the host's IP address and left your known_hosts in an inconsistent
state.

If that fails then please send a debug trace from ssh ("ssh -vvv ...")

-d


More information about the openssh-unix-dev mailing list