SSH key
This callback is set with CURLOPT_SSH_KEYFUNCTION.
It gets called when the known_host matching has been done, to allow the application to act and decide for libcurl how to proceed. The callback will only be called if CURLOPT_SSH_KNOWNHOSTS is also set.
The arguments to the callback include the old key and the new key, and the callback is expected to return a code that tells libcurl how to act:
CURLKHSTAT_FINE_REPLACE - The new host+key is accepted and libcurl will replace the old host+key in the known_hosts file before continuing with the connection. This will also add the new host+key combo to the known_host pool kept in memory if it was not already present there. The adding of data to the file is done by completely replacing the file with a new copy, so the permissions of the file must allow this.
CURLKHSTAT_FINE_ADD_TO_FILE - The host+key is accepted and libcurl will append it to the known_hosts file before continuing with the connection. This will also add the host+key combo to the known_host pool kept in memory if it was not already present there. The adding of data to the file is done by completely replacing the file with a new copy, so the permissions of the file must allow this.
CURLKHSTAT_FINE - The host+key is accepted and libcurl will continue with the connection. This will also add the host+key combo to the known_host pool kept in memory if it was not already present there.
CURLKHSTAT_REJECT - The host+key is rejected. libcurl will not let the connection continue and it will be closed.
CURLKHSTAT_DEFER - The host+key is rejected, but the SSH connection is asked to be kept alive. This feature could be used when the app wants to somehow return and act on the host+key situation and then retry without needing the overhead of setting it up from scratch again.