On 2021-06-06, Avon Robertson <avo...@xtra.co.nz> wrote: > reposync: host key verification failed - see > /var/db/reposync/known_hosts > > The same error was then recorded in my log on the 3rd, 4th, 5th, and > 6th of June. The above known_hosts file does not exist on this machine. > The FILES section of reposync(1) I have interpreted as meaning that the > above known_hosts file, is not needed when the official keys exist in > file /usr/local/share/reposync/ssh_known_hosts which they do on this > machine.
So what are the fingerprints of the SSH keys in your ssh_known_hosts? $ ssh-keygen -lf /usr/local/share/reposync/ssh_known_hosts How do they compare against those given for anoncvs.au.openbsd.org on https://www.openbsd.org/anoncvs.html ? > Hints as to where the problem is would be very appreciated. anoncvs.au.openbsd.org could have changed SSH keys, but that is not the case. The entries on anoncvs.html have not been updated recently and they match the keys that I see from this host right now. 256 SHA256:kg2Zaqpd8ZuluPzlpFS9rEw0KR1UmxD9jSG6+2tr28A anoncvs.au.openbsd.org (ECDSA) 2048 SHA256:pPcBY4E33vwreETbz5KJUIzZpWWzaZPhrpnLaFa7WuQ anoncvs.au.openbsd.org (RSA) 256 SHA256:4CbDtzH/6mqQ/f6KDLz0rdqK2Thk4dQQtHXOxTONEvk anoncvs.au.openbsd.org (ED25519) Your /usr/local/share/reposync/ssh_known_hosts could have become corrupted. Somebody could be hijacking your TCP connections and trying to redirect them to a different machine. That is what the SSH host keys protect against. THIS IS APPROXIMATELY NEVER THE CASE. -- Christian "naddy" Weisgerber na...@mips.inka.de
