Mechanism to know what hosts you trust to ssh into.

Example:

The authenticity of host 'myhost.example.com (172.23.176.251)' can't be established.
RSA key fingerprint is SHA256:v5PXX8zCmYY1P01WcEjbEXsj08k4zqPOF3EHqwDwokk.
Are you sure you want to continue connecting (yes/no)?

If you type yes, then a new entry will be added to your known hosts file (~/.ssh/known_hosts).

Warning: Permanently added 'detiffe.aka.corp.amazon.com,172.23.176.251' (RSA) to the list of known hosts.

The new entry will look like this:

myhost.example.com,172.23.176.251 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/y5+MOdz0P4k7iBT8SfsbJhoTJLda/ijuiBS9ZA2aCVkU8gHxwUADVPXVIBifU853CDcPARnowW5w4FCf9/RhrLFHeasPbFmZGOnTfDNox15YvgvTQEffxhd1XnuJMG7rqQSqcXGZ6KdPe8AYcQ1kHsODzzP+iCO3LSvxO9y9pfN9S4jnVlo2mTZL97zhlgfwKb5MDOWxxOm9gOWMoxt+6+5ocL6dlu+F8GcMqddo3o748QUeLwvF1GgD4vzcMUz+xUWSldGVDDLUeGChsi3rINBb74bMP9XvfRfaCpcopddyOeTUsiXpTm8o82EDPXkASW230OJChQfu0pI+4a0r

How to fix “REMOTE HOST IDENTIFICATION HAS CHANGED!” issue?

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is

The remedy is to edit your ~/.ssh/known_hosts file and remove the line corresponding to the IP address of the host you’re trying to get to, then make your SSH connection again and say yes to the new host key.

What you’re seeing there is that the host you’re trying to establish an SSH connection to was already added previously to your ~/.ssh/known_hosts file with a different host key. This is expected in an environment as we periodically rebake and deploy VMs, which will have a brand-new generated host key but might have an IP address that was previously assigned to another host (i.e. DHCP).