-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In the past I have regularly done updates on my server using ssh
access from this laptop.  I can no longer do this.  It may be
connected with the fact that I installed keychain on both the server
and the laptop?

However - strict-checking is set to "ask" which seems to be the
default.  I get

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle
attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
e7:69:b4:4a:b3:31:39:c3:44:42:0a:b5:42:99:de:13.
Please contact your system administrator.
Add correct host key in /home/anne/.ssh/known_hosts to get rid of this
message.
Offending key in /home/anne/.ssh/known_hosts:3
RSA host key for 192.168.0.40 has changed and you have requested
strict checking.
Host key verification failed.

On the server I used ssh-keygen to list the fingerprint, and it
matches the above.  I then copied the rsa public key into
~/.ssh/known_hosts, but I still can't get any further.

I have tried removing the key so that there no longer is an entry
known_hosts:3 in the hope that it would ask me to verify, as it used
to.  When that didn't work, I replaced the key but then tried changing
strict-checking temporarily to "no" (it's changed back now), again,
hoping that it would allow me to verify the key.

What steps have I missed?  Are changes personal (i.e. re-read at
login) or do they require a reboot?  Should I be making changes to
~/.ssh or /etc/ssh files or both?

Anne
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk9c38MACgkQj93fyh4cnBfEQwCdEbAxDawrC06/l4bcxkkd8rjv
8cwAoIIrKI/t6Yhj3wxAplm/LbUFiur4
=jEe4
-----END PGP SIGNATURE-----