On 2026-04-10, Jeffrey Walton wrote: > $ ssh cryptopp.com > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! > Someone could be eavesdropping on you right now (man-in-the-middle attack)! > It is also possible that a host key has just been changed. > The fingerprint for the ED25519 key sent by the remote host is > SHA256:OTLUNQZNIz4A1Cz9/fSEmvyfqxZaGT2xcFcF2yAcYIg. > Please contact your system administrator. > Add correct host key in /home/jwalton/.ssh/known_hosts to get rid of > this message. > Offending ECDSA key in /home/jwalton/.ssh/known_hosts:33 > remove with: > ssh-keygen -f "/home/jwalton/.ssh/known_hosts" -R "cryptopp.com" > Host key for cryptopp.com has changed and you have requested strict checking. > Host key verification failed.
openssh changed its preferred key from ECDSA to ED25519. It was some time ago. But as Greg said each provider cooks their servers differently. So it seems your server had an ECDSA and now has both or only ED25519. Perhaps you should log on your server and check its keys in /etc/ssh. You can also check the server config with: sshd -T If all is ok remove the old ECDSA key with ssh-keygen as shown.
