(Net::SSH::HostKeyMismatch) random error when connecting to Debian 12 (OpenSSH_9.2) #944

Open
Chifth opened this issue Apr 9, 2024 · 0 comments

Chifth commented Apr 9, 2024

Expected behavior

I expect a successful capistrano deploy.

Actual behavior

During a capistrano deploy, I sometimes get the error (Net::SSH::HostKeyMismatch). But when I restart the pipeline, it can pass successfully. Sometimes I need 2-3 retries.
I don't know why this error appears.
Maybe the deprecation of sha1 plays a role here.

System configuration

  • net-ssh version net-ssh-7.2.3
  • Ruby version ruby 3.3.0

Example

I use capistrano in my .gitlab-ci.yml.

You can use this as a starting point:

```yaml
  stage: 'Deploy-Capistrano'
  image: stfalconstudio/capistrano:v0.35
  only:
    - develop
  script:
    - mkdir ~/.ssh && echo "$STAG_SERVER_APPUSER_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_ed25519 && chmod 600 ~/.ssh/id_ed25519
    - ssh-keyscan -H [DELETED] >> ~/.ssh/known_hosts
    - cap stag deploy
  environment:
    name: staging
```

Dockerfile of my image:

```dockerfile
FROM ruby:3-alpine
RUN apk add --no-cache build-base openssh && gem install capistrano-symfony capistrano-deploy bcrypt_pbkdf ed25519 x25519 && apk del build-base && rm -f /var/cache/apk/*
```

Error in pipeline:

```
Using docker image sha256:30ec60fa2ac10c9acf69812b067522ded3dac2ec1f9060e01784d01a70e8e803 for stfalconstudio/capistrano:v0.35 with digest stfalconstudio/capistrano@sha256:e16f0fb24d25b9f5831657806cb7470e80a6d65530a535e04359dec2c72cd334 ...
$ mkdir ~/.ssh && echo "$STAG_SERVER_APPUSER_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_ed25519 && chmod 600 ~/.ssh/id_ed25519
$ ssh-keyscan -H [DELETED] >> ~/.ssh/known_hosts
# 167.71.44.23:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
# 167.71.44.23:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
# 167.71.44.23:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
# 167.71.44.23:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
# 167.71.44.23:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
$ cap stag deploy
00:00 git:wrapper
      01 mkdir -p /tmp
#<Thread:0x00007f6c17351288 /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/runners/parallel.rb:10 run> terminated with exception (report_on_exception is true):
/usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/runners/parallel.rb:15:in `rescue in block (2 levels) in execute': Exception while executing as username@[DELETED]: fingerprint SHA256:A95E+w78ETXuUMRgD5wkjsZ6iZkkJXryzJDxfxQ+mNs does not match for "[DELETED].23" (SSHKit::Runner::ExecuteError)
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/runners/parallel.rb:11:in `block (2 levels) in execute'
/usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/verifiers/always.rb:53:in `process_cache_miss': fingerprint SHA256:A95E+w78ETXuUMRgD5wkjsZ6iZkkJXryzJDxfxQ+mNs does not match for "[DELETED]" (Net::SSH::HostKeyMismatch)
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/verifiers/always.rb:35:in `verify'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/verifiers/accept_new.rb:17:in `verify'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/verifiers/accept_new_or_local_tunnel.rb:17:in `verify'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/transport/kex/abstract.rb:82:in `verify_server_key'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/transport/kex/abstract.rb:49:in `exchange_keys'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/transport/algorithms.rb:454:in `exchange_keys'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/transport/algorithms.rb:253:in `proceed!'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/transport/algorithms.rb:192:in `accept_kexinit'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/transport/session.rb:210:in `block in poll_message'
	from <internal:kernel>:187:in `loop'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/transport/session.rb:190:in `poll_message'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/transport/session.rb:227:in `block in wait'
	from <internal:kernel>:187:in `loop'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/transport/session.rb:224:in `wait'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh/transport/session.rb:89:in `initialize'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh.rb:258:in `new'
	from /usr/local/bundle/gems/net-ssh-7.2.3/lib/net/ssh.rb:258:in `start'
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/backends/connection_pool.rb:63:in `call'
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/backends/connection_pool.rb:63:in `with'
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/backends/netssh.rb:193:in `with_ssh'
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/backends/netssh.rb:146:in `execute_command'
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/backends/abstract.rb:148:in `block in create_command_and_execute'
	from <internal:kernel>:90:in `tap'
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/backends/abstract.rb:148:in `create_command_and_execute'
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/backends/abstract.rb:80:in `execute'
	from /usr/local/bundle/gems/capistrano-3.18.1/lib/capistrano/scm/tasks/git.rake:8:in `block (3 levels) in eval_rakefile'
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/backends/abstract.rb:31:in `instance_exec'
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/backends/abstract.rb:31:in `run'
	from /usr/local/bundle/gems/sshkit-1.22.1/lib/sshkit/runners/parallel.rb:12:in `block (2 levels) in execute'
(Backtrace restricted to imported tasks)
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as user@[DELETED]: fingerprint SHA256:A95E+w78ETXuUMRgD5wkjsZ6iZkkJXryzJDxfxQ+mNs does not match for "[DELETED]" (SSHKit::Runner::ExecuteError)
Caused by:
Net::SSH::HostKeyMismatch: fingerprint SHA256:A95E+w78ETXuUMRgD5wkjsZ6iZkkJXryzJDxfxQ+mNs does not match for "[DELETED]" (Net::SSH::HostKeyMismatch)
Tasks: TOP => deploy:check => git:check => git:wrapper
(See full trace by running task with --trace)
The deploy has failed with an error: Exception while executing as user@[DELETED]: fingerprint SHA256:A95E+w78ETXuUMRgD5wkjsZ6iZkkJXryzJDxfxQ+mNs does not match for "[DELETED]"
** DEPLOY FAILED
```

I am going to try ssh-keyscan -t ed25519,rsa,ecdsa -H [DELETED] to write only supported fingerprints to known_hosts,
because keyscan gives me some empty lines (example from my capistrano container, if I turn on only ed25519 and ecdsa keys in sshd_config):

```
/ # ssh-keyscan -H [DELETED]
# [DELETED]:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
# [DELETED]:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
# [DELETED]:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
|1|OH9EHVU8SQc7WRI257hdy8eVKjY=|QFvc5enRoJfot3D7sghrZ64OWkw= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKg0CQbgrM8cExsnN25q/4B/BvlLbW35IAz+vmq7LAY1OuYhZwWLHujN9GuPUCHw4cFgHMkJ2jaieJmXLcmetgs=
# [DELETED]:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
|1|AoeABHEpfr1gY0QaJDR9HBzY19E=|VEWwJyOrvNblIwC9OZVDLjKE4Sc= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBvineDjZ4OdGxd7xfQJt/jhYhSJ+A0KVqgYAYgJ5BBJ
# [DELETED]:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
```

So maybe the empty lines are somehow used during the capistrano deploy connection and trigger the key mismatch error.
But I haven't tried it yet. Maybe I am missing something.
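
Added example (not part of the original issue and not net-ssh code): a Ruby check a CI job could run on `ssh-keyscan -H` output before `cap stag deploy`, to test the hypothesis above that some scans return banner comments without a key line for a wanted key type. The host name, salts, key blobs and all helper names are constructed for illustration.

```ruby
require 'openssl'

# Does a known_hosts host field (plain "a,b" list or hashed "|1|salt|hash") name `host`?
# Hashed fields store HMAC-SHA1(key = salt, data = host name), both base64 encoded.
def host_field_matches?(field, host)
  return field.split(',').include?(host) unless field.start_with?('|1|')

  _, _, salt_b64, hash_b64 = field.split('|')
  return false unless salt_b64 && hash_b64

  OpenSSL::HMAC.digest('SHA1', salt_b64.unpack1('m'), host) == hash_b64.unpack1('m')
end

# Key types that the ssh-keyscan text really contains for `host`.
def scanned_key_types(scan_output, host)
  scan_output.each_line.filter_map do |line|
    next if line.strip.empty? || line.start_with?('#') # banner comment, carries no key

    field, type, blob = line.split(' ', 3)
    next unless blob && host_field_matches?(field, host)

    # A key blob begins with a length-prefixed copy of its type name; reject lines that disagree.
    raw = blob.split.first.to_s.unpack1('m')
    len = raw.unpack1('N')
    type if len && raw[4, len] == type
  end.uniq
end

# Wanted key types for which the scan produced no usable line.
def missing_key_types(scan_output, host, wanted)
  wanted - scanned_key_types(scan_output, host)
end

# Constructed sample data: one hashed line in the layout `ssh-keyscan -H` writes.
def sample_line(host, type, salt)
  hash = OpenSSL::HMAC.digest('SHA1', salt, host)
  blob = [type.bytesize].pack('N') + type + ('k' * 32) # placeholder key material
  "|1|#{[salt].pack('m0')}|#{[hash].pack('m0')} #{type} #{[blob].pack('m0')}"
end

HOST = 'deploy.example.test' # constructed host name
BANNER = "# #{HOST}:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2"
SCAN = [BANNER, BANNER, sample_line(HOST, 'ecdsa-sha2-nistp256', 'A' * 20),
        BANNER, sample_line(HOST, 'ssh-ed25519', 'B' * 20), BANNER].join("\n")
WANTED = %w[ssh-ed25519 ecdsa-sha2-nistp256 ssh-rsa].freeze

puts "missing key types: #{missing_key_types(SCAN, HOST, WANTED).join(', ')}"
```

In a pipeline, a non-empty result would be a reason to stop the job before connecting rather than deploy with a partial known_hosts file.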
