Question

Are droplet SSH fingerprints ever administratively recomputed?

Posted October 10, 2019 719 views
DigitalOcean Accounts

I just ssh’d into a droplet to upgrade the metrics agent, and noticed I needed to do a package upgrade. The upgrade failed a couple times (error “FATAL -> Failed to fork.”), so I rebooted the droplet. After reboot, the SSH fingerprint for the droplet had changed! Accessing the droplet console through the web UI shows the updated fingerprint as well, but why did it change? Was there some administrative event I missed?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer

Hello,

I’ve seen this a few times and it was caused by one of the following:

  • After the reboot, your server removed an old ciphersuite.

  • Connecting to the same server using a different hostname.

  • The server IP has changed. This might not be the case for you unless you restored a snapshot of your droplet.

Regards,
Bobby

Submit an Answer