How to match precisely new connection to previous one?

ssh -p 8022 CENSORED_INTERNAL_IPV4

Output:

The authenticity of host '[CENSORED_INTERNAL_IPV4]:8022 ([CENSORED_INTERNAL_IPV4]:8022)' can't be established.
ED25519 key fingerprint is SHA256:CENSORED.
This host key is known by the following other names/addresses:
    ~/.ssh/known_hosts:135: [hashed name]
    ~/.ssh/known_hosts:194: [hashed name]
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[CENSORED_INTERNAL_IPV4]:8022' (ED25519) to the list of known hosts.

For instance I ssh to a server suspicious_server that I assume being tampered and verify and add its public key fingerprint locally and proceeded similarly with a server trusted_server that I trust and want now to connect to the latter server but with a different INTERNAL_IPV4 let say, then how can I ensure that the fingerprint SSH reminds me being aware is the one of trusted_server and not suspicious_server? It should not be hard if ~/.ssh/known_hosts is not censored as I probably added it with its hostname similar to trusted_server.

+69

Edited Sep 26, 2025 by Benjamin Loison