Yeah I've done it. Not for Git but for SSH. I'll call the admin out-of-band and read him part of the fingerprint, and ask him to read another part back. Only done it a few times when I'm setting up a new machine and don't have an already-authenticated one to check against.
If I've got suspicions about the network connection I'm on, I'll first ask him some questions about our adventures years ago, that nobody else would likely know about.
And one time when the host key changed, and I wasn't expecting it, he said my call was how he knew he replaced the right box. Tongue-in-cheek, but only barely.
The only time I immediately dismiss the key-changed message is when I'm cycling yet another raspberry pi image into the same IP as an old one or whatever, and I'm on the local network so I know exactly what's going on.
If I've got suspicions about the network connection I'm on, I'll first ask him some questions about our adventures years ago, that nobody else would likely know about.
And one time when the host key changed, and I wasn't expecting it, he said my call was how he knew he replaced the right box. Tongue-in-cheek, but only barely.
The only time I immediately dismiss the key-changed message is when I'm cycling yet another raspberry pi image into the same IP as an old one or whatever, and I'm on the local network so I know exactly what's going on.