Important
If your railscomplete-deployment uses the net-ssh-gem please ensure you use version 5.2.0 or newer to ensure you can deploy via Capistrano.
It's best to use the latest version, as there were multiple issues between 5.2.0 and 7.3.0.
After a distribution upgrade of Ubuntu you might experience a Host key verification error if you try to connect to the server via ssh
or sftp
.
Be aware that a Host key verification error is always suspicious. Proceed only if you're sure that you're not falling for a Man-in-the-middle attack.
If you're not sure ask the Operations-Team at makandra to verify the current host key.
To completely remove the old host key on the client run:
# remove host entry
ssh-keygen -f "$HOME/.ssh/known_hosts" -R appserver.makandra.de
# remove IP entry
ssh-keygen -f "$HOME/.ssh/known_hosts" -R $(getent hosts appserver.makandra.de | cut -d ' ' -f 1)
# Connect and accept new fingerprint
ssh appserver.makandra.de
The authenticity of host 'appserver.makandra.de (213.179.144.92)' can't be established.
ED25519 key fingerprint is SHA256:a3W73tq+k/GPNFoSwzTEO8U5F8vMh5z5Eu+2lZY15FI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
The reason for this is that OpenSSH
uses different host key types, depending on the installed version and configuration.
On first connection your SSH client stores the currently provided host key (and type) in your known_hosts
file.
When the server stops providing that locally stored host key you get a mismatch and need to trust the alternative host key.
- 20.04 –
focal
- OpenSSH 8.2
- first-preference signature algorithm: ECDSA
- 22.04 –
jammy
- OpenSSH 8.9
- first-preference signature algorithm: ED25519
- 24.04 –
noble
- OpenSSH 9.6
- first-preference signature algorithm: ED25519
Troubleshooting note
If you see an error like this during deployment:
fingerprint SHA256:FINGERPRINT does not match for "deploy.target" (SSHKit::Runner::ExecuteError)
this guide will help you resolve the issue. It usually occurs after an upgrade of the server’s operating system (e.g. to Ubuntu 22.04 or 24.04) which changes the server's SSH host keys.