[lmi] Conflicting ssh keys [Was: Using git to manage CVS webpages repository]

[Greg Chicares]

Vadim--Happy New Year. How would you suggest dealing with the problem
that I seem to have gotten myself into below?

On 2018-01-08 17:52, Greg Chicares wrote:
[...]
> (0) Update ECDSA host key
> 
> This key has apparently changed since I used it last. Accepting the
> new key, after verifying its fingerprint, allowed me to continue,
> although this warning appeared each time:
> 
> Warning: the ECDSA host key for 'cvs.sv.gnu.org' differs from the key for the 
> IP address '208.118.235.201'
> Offending key for IP in /home/greg/.ssh/known_hosts:6
> Matching host key in /home/greg/.ssh/known_hosts:7
> 
> ..so I obliterated all keys for that host...
> 
> ssh-keygen -f "/home/greg/.ssh/known_hosts" -R 208.118.235.201
> 
> ..and re-accepted the new (fingerprint-verified) key.

Now, for the first time since then, I try using git, but...

/opt/lmi/src/lmi[0]$git status
On branch master
Your branch is ahead of 'origin/master' by 2 commits.
  (use "git push" to publish your local commits)
nothing to commit, working tree clean
/opt/lmi/src/lmi[0]$git push
Warning: the RSA host key for 'git.sv.gnu.org' differs from the key for the IP 
address '208.118.235.201'
Offending key for IP in /home/greg/.ssh/known_hosts:7
Matching host key in /home/greg/.ssh/known_hosts:1
Are you sure you want to continue connecting (yes/no)? n
Please type 'yes' or 'no': no

I've read through this thread:
  https://savannah.gnu.org/support/?109343
which is perhaps more readable via the mailing list:
  http://lists.gnu.org/archive/html/savannah-hackers/2017-06/msg00058.html
The diagnostics I've copied above seem to me to suggest that gnu.org's
distinct VCS and web servers have incompatible ssh-key requirements.
However, Bob Proulx's msg00058.html says that the problem is with my
local ssh client and cannot be fixed on the server, so I wonder what
I might do so that everything just works without these diagnostics.

/opt/lmi/proprietary[0]$cat /etc/debian_version 
9.3
/opt/lmi/proprietary[0]$ssh -V                 
OpenSSH_7.4p1 Debian-10+deb9u2, OpenSSL 1.0.2l  25 May 2017

/opt/lmi/proprietary[0]$ssh-keygen -l -F git.savannah.gnu.org
/opt/lmi/proprietary[1]$ssh-keygen -l -F git.sv.gnu.org      
# Host git.sv.gnu.org found: line 1 
git.sv.gnu.org RSA SHA256:FYkx0iik+iBeCLRzvUyUSTRT98TEBBJoYuQsTXbyGL8 
/opt/lmi/proprietary[0]$ssh-keygen -l -F 208.118.235.201     
# Host 208.118.235.201 found: line 7 
208.118.235.201 ECDSA SHA256:qRLLJ4w/GAeiDyYnbx4yWJbZXwGiYYxgNty7lAfUyuM 

Both those fingerprints match those given here:
  https://savannah.gnu.org/maintenance/SshAccess/

My seventh (offending) and first (matching) keys...
  Offending key for IP in /home/greg/.ssh/known_hosts:7
  Matching host key in /home/greg/.ssh/known_hosts:1
...are as follows:

/opt/lmi/proprietary[0]$< ~/.ssh/known_hosts sed -e'1p;7p;d'
|1|Wb/XWd1XH0zvkvxfCwMdunp/DcM=|guoNL7zTcsZuopnegcVCGEIM5dw= ssh-rsa 
AAAAB3NzaC1yc2EAAAABIwAAAIEAzFQovi+67xa+wymRz9u3plx0ntQnELBoNU4SCl3RkwSFZkrZsRTC0fTpOKatQNs1r/BLFoVt21oVFwIXVevGQwB+Lf0Z+5w9qwVAQNu/YUAFHBPTqBze4wYK/gSWqQOLoj7rOhZk0xtAS6USqcfKdzMdRWgeuZ550P6gSzEHfv0=
|1|bjVfA6AbW2nQtju/9MSyELNcZWk=|w0+3OcPbZZx2+ntYxUVIY5xd/f4= 
ecdsa-sha2-nistp256 
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP9c1Z2f4OHxymvLxqxQ/hY1g0ol0/iiXUrVFGZBBq4h5gD05c7Gw9rRrcrvF9XvumBvOghOQzDSZZLRWvFGocA=

Having verified the fingerprints, I proceeded to answer "yes" to
the "Are you sure" question, and 'git push' succeeded; but when I
push again, the "Offending key" diagnostic appears again:

/opt/lmi/src/lmi[0]$git push
Warning: the RSA host key for 'git.sv.gnu.org' differs from the key for the IP 
address '208.118.235.201'
Offending key for IP in /home/greg/.ssh/known_hosts:7
Matching host key in /home/greg/.ssh/known_hosts:1
Are you sure you want to continue connecting (yes/no)? yes
Enter passphrase for key '/home/greg/.ssh/id_rsa': 

I suppose I could just live with that, but I'd really like to know
how to fix the cause of the problem if possible.