Hi, I now have the dropbearkey code integrated into my embedded stuff. I assume the idea is to call this function each time the server starts up.
Then each time the server starts, future client connections will reject the server connection until $HOME/.ssh/known_hosts is purged of that server's key information. Correct so far? Assuming yes... Then, the user of the client has to accept the new credentials based on the RSA key fingerprint from the server. So, shouldn't the message that comes out of the client reflect the same fingerprint as that which was printed when the key was created on the server? (mine doesn't) Ed