
Currently I am using Paramiko (in Python) to execute remote commands on a node. At times, remote nodes change their public key, and consequently Paramiko fails as the fingerprints do not match. Is there a way to update the keys in the known_hosts file when they change? If this is not possible, is there any other way to ignore the warning thrown?

Currently I have a hacky solution where the known_hosts file is deleted before making the call, which is not good.

Martin Prikryl
pkumarn

1 Answer


BadHostKeyException is thrown when a host key changes, as that is a sign of the connection being hijacked (a.k.a. a man-in-the-middle attack).

You should never blindly ignore the exception. Unless, maybe, you connect to a server located on the same private network as your client.

In your specific case, a better strategy is to preserve host keys during server reinstall.


Anyway, if you really do not care about security, and are willing to blindly accept any host key:

  • do not call SSHClient.load_host_keys, so that you start with a blank list of known host keys;

  • and use AutoAddPolicy, to automatically accept host keys of new hosts (all hosts are new due to the previous point):

    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    
Martin Prikryl