I recently upgraded my FreeBSD from 10.0 to 10.1.
I have ssh'd, sftp'd in and out of it during and since the upgrade without taking note of any unusual messages.
Today I needed to rsync a few things from the FreeBSD to another which I know has not been accessed since the upgrade and I got the following message:
Code:
slogin ------@-------
The authenticity of host '------- (--.--.--.--)' can't be established.
ECDSA key fingerprint is ------------.
No matching host key fingerprint found in DNS.
Are you sure you want to continue connecting (yes/no)?
I am sure that IP has not changed (both static IP), the hardware has not changed and both are on a wired LAN behind a router. There is in fact an ecdsa key entry for this machine in ~/.ssh/known-hosts. I also get the same message for a second user account between the same two machines.
I do not recall seeing this message for other hosts to which I have ssh'd since the upgrade (although I will admit that it is possible I did see it and continued past it during the upgrade, thereby resetting the key).
The particular machine for which I am seeing this message is a sensitive one, so while I think it very unlikely to have been compromised, I would like to try to satisfy myself that there is another reasonable reason for this.
I know that OpenSSH was updated during the upgrade, and have read in the release notes that the startup script now generates ED25519 host keys if they do not exist - but I am not sure I understand what that means and whether it could be the cause.
Does anyone know if an upgrade from 10.0 to 10.1 would likely result in such behavior, or can anyone offer suggestions on what or how to do to ease my concerns.