Python (Scripting) - Resolve "Host key for server does not match"
                
            
            
            
             
            
            
                           
                
            
            
            
                
    
    
     
            
                
                    by
                    Jeremy Canfield  |  
                    Updated: November 06 2023
                    
                          |  Python (Scripting) articles
                    
                    
                    
                
            
            Let's say something like this is being returned.
Host key for server 'server1.example.com' does not match: got 'AAAAC.....pVlrv'
I got this when attempting to create an SSH connection using paramiko.
#!/usr/bin/python
import paramiko
ssh = paramiko.SSHClient()
result = ssh.connect("<hostname or IP address of target system>", username="<username>",password="<password>")
print(result)
This means the SSH key in my users known_hosts file does not match the SSH key being presented by the target server when attempting to establish the SSH connection.
~]$ grep -i server1.example.com /home/webproc/.ssh/known_hosts
server1.example.com,10.11.12.13 ssh-rsa AAAAC.....pVlrv
The ssh-keyscan command can be used to see the SSH keys being presented by the target server.
~]$ ssh-keyscan server1.example.com
# server1.example.com:22 SSH-2.0-OpenSSH_8.7
dlomweb011 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDu73zyYu6CDTTdJxzLZSmzKvv6kBnpdUEqmyfw/0Pjs
# server1.example.com:22 SSH-2.0-OpenSSH_8.7
# server1.example.com:22 SSH-2.0-OpenSSH_8.7
server1.example.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMYATpYR08vVu8gnGelk+poiDpnCNicQ5PJvW3exKmp5zyKWayon3NyAAWG4mq2uepCMKzbJxWnfatWPvzgfShk=
If the target server is inside your private network, you can probably update your Python script to include ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) and look_for_keys=False. Also ensure your Python script does NOT have ssh.load_system_host_keys().
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(server, username=user, password=pw, look_for_keys=False)
Did you find this article helpful?
If so, consider buying me a coffee over at 