When reinstalling servers with new versions of operating system or simply reprovisioning VMs under the same hostname, you eventually get this Host Key Verification Failed scenario. Should be easy enough to fix, once you're positive that's a valid infrastructure change.
Host Key Verification
Host key verification happens when you attempt to access remote server with SSH. Before verifying if you have a user on the remote server and whether your password or SSH key match that remote user, SSH client must do basic sanity checks on the lower level.
Specifically, SSH client checks if you attempted connecting to the remote server before. And whether anything changed since last time (it shouldn't have).
Server (host) keys must not change during a normal life cycle of a server – they are generated at server/VM build stage (when OpenSSH starts up the first time) and remain the same – it's the server's identity.
This means if your SSH client has one keyprint for a particular server, and then suddenly detects it's a different one – it's flagged as an issue: at best, you're looking at the new, legit server replacement with the same hostname. At worst, someone's trying to intercept your connection and/or pretend to be your server.
[Read more…] about Host Key Verification Failed