Re: OpenSSH: cause of random kex_exchange_identification errors?

[Greg Wooledge <greg@wooledge.org>]

On Wed, Feb 02, 2022 at 02:21:08PM -0500, gene heskett wrote:
> When I change something, like rebooting the rpi4 running my big Sheldon 
> lathe, from debian buster to debian bullseye, the keyfile changes, and I 
> get an explicit error telling me to run ssh-keygen to remove the 
> offending key, which I do, [...]

What *I* would do is copy the host key files from the buster instance
(the one that your client recognizes as valid) into the bullseye
instance.  That way, the client will recognize *both* server instances
as the same host.

The host keys are in the /etc/ssh/ directory in Debian.  There are
several files, and they all begin with ssh_host.  Just copy them over
and make sure the permissions are retained.  (The ones without .pub on
the end are meant to be private, so they have tighter permissions.)

If you're not running Debian, but instead are running some perverse
derivative that changes everything but still calls its releases "buster"
and "bullseye" in order to maximize confusion, then your host keys might
be in some other directory.