Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
Re: Help With curl error 60 and the known _hosts file
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Michael Newman via curl-users <curl-users_at_lists.haxx.se>
Date: Thu, 19 Mar 2026 06:01:46 +0700
Thank you for the advice. The scripts are all systemd jobs executed by the user pi.
I wrote a test script using sftp instead of curl and it works fine. No authentication problems.
So, I guess I’ll rewrite all four scripts (one per machine) to use sftp and give up on curl.
I contacted the web host to ask why the host keys changed. They had no clue and promised to get back to me but that was over 12 hours ago.
> On Mar 19, 2026, at 04:46, Bastian Jesuiter via curl-users <curl-users_at_lists.haxx.se> wrote:
>
> Hi,
>
> In general please be really careful with accepting new host keys.
>
> The host keys should not change in normal circumstances ever.
> Did you reinstall your raspi?
>
> Otherwise make sure to check if someone is man in the middle on your ssh connection, which may lead to your raspberry pi being compromised.
>
> Depending on which user the curl is called with, the "known hosts" file changes.
>
> If it's a cronjob, check which user is actually executing the script. If it's another user than the user you tried to ssh with, than that's the reason why curl still fails. Each user has its own known hosts file.
>
> Bastian
>
> On Wed, 18 Mar 2026, 22:24 Michael Newman via curl-users, <curl-users_at_lists.haxx.se <mailto:curl-users_at_lists.haxx.se>> wrote:
>> Please understand that I am a naive user who understands very little of how this all works.
>>
>> I have four Raspberry Pies in two different locations each of which uses curl to upload a web cam image to a web host once every two minutes. This has been working well for many years.
>>
>> Suddenly at about 3:08 PM today (Thailand time) all of the uploads began failing as follows:
>>
>> Wed Mar 18 15:08:21 +07 2026 Upload Ended 7 - raspsky
>> curl: (7) Failed to connect to mydomain.com <http://mydomain.com/> port 22: Connection refused
>>
>> At about 3:34 that changed to:
>>
>> Wed Mar 18 15:34:19 +07 2026 Upload Ended 60 - raspsky
>> curl: (60) SSL peer certificate or SSH remote key was not OK
>>
>> Assuming that it was the SSH remote key that was the problem I tried logging in to the host via SSH. Sure enough, I was told that the host key did not match the known_hosts file. So, I permitted the “new” host key to be added to the known_hosts file after which I was able to log in via SSH which I can still do.
>>
>> Sadly, curl still fails even though the new and known-correct host key is in the known_hosts file.
>>
>> So, what do I need to do to get curl to find the new host key in the updated known_hosts file?
>>
>> Or, do I have this completely wrong and need to do something completely different?
>>
>> Thanks in advance,
>>
>> Mike Newman
>> Korat, Thailand
>>
>>
>> --
>> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-users
>> Etiquette: https://curl.se/mail/etiquette.html
> --
> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-users
> Etiquette: https://curl.se/mail/etiquette.html
Received on 2026-03-19
Date: Thu, 19 Mar 2026 06:01:46 +0700
Thank you for the advice. The scripts are all systemd jobs executed by the user pi.
I wrote a test script using sftp instead of curl and it works fine. No authentication problems.
So, I guess I’ll rewrite all four scripts (one per machine) to use sftp and give up on curl.
I contacted the web host to ask why the host keys changed. They had no clue and promised to get back to me but that was over 12 hours ago.
> On Mar 19, 2026, at 04:46, Bastian Jesuiter via curl-users <curl-users_at_lists.haxx.se> wrote:
>
> Hi,
>
> In general please be really careful with accepting new host keys.
>
> The host keys should not change in normal circumstances ever.
> Did you reinstall your raspi?
>
> Otherwise make sure to check if someone is man in the middle on your ssh connection, which may lead to your raspberry pi being compromised.
>
> Depending on which user the curl is called with, the "known hosts" file changes.
>
> If it's a cronjob, check which user is actually executing the script. If it's another user than the user you tried to ssh with, than that's the reason why curl still fails. Each user has its own known hosts file.
>
> Bastian
>
> On Wed, 18 Mar 2026, 22:24 Michael Newman via curl-users, <curl-users_at_lists.haxx.se <mailto:curl-users_at_lists.haxx.se>> wrote:
>> Please understand that I am a naive user who understands very little of how this all works.
>>
>> I have four Raspberry Pies in two different locations each of which uses curl to upload a web cam image to a web host once every two minutes. This has been working well for many years.
>>
>> Suddenly at about 3:08 PM today (Thailand time) all of the uploads began failing as follows:
>>
>> Wed Mar 18 15:08:21 +07 2026 Upload Ended 7 - raspsky
>> curl: (7) Failed to connect to mydomain.com <http://mydomain.com/> port 22: Connection refused
>>
>> At about 3:34 that changed to:
>>
>> Wed Mar 18 15:34:19 +07 2026 Upload Ended 60 - raspsky
>> curl: (60) SSL peer certificate or SSH remote key was not OK
>>
>> Assuming that it was the SSH remote key that was the problem I tried logging in to the host via SSH. Sure enough, I was told that the host key did not match the known_hosts file. So, I permitted the “new” host key to be added to the known_hosts file after which I was able to log in via SSH which I can still do.
>>
>> Sadly, curl still fails even though the new and known-correct host key is in the known_hosts file.
>>
>> So, what do I need to do to get curl to find the new host key in the updated known_hosts file?
>>
>> Or, do I have this completely wrong and need to do something completely different?
>>
>> Thanks in advance,
>>
>> Mike Newman
>> Korat, Thailand
>>
>>
>> --
>> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-users
>> Etiquette: https://curl.se/mail/etiquette.html
> --
> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-users
> Etiquette: https://curl.se/mail/etiquette.html
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-users Etiquette: https://curl.se/mail/etiquette.html
- application/pkcs7-signature attachment: smime.p7s