diff --git a/paramiko/pkey.py b/paramiko/pkey.py
index 797e77238..f19196605 100644
--- a/paramiko/pkey.py
+++ b/paramiko/pkey.py
@@ -140,7 +140,7 @@ def __cmp__(self, other):
         return cmp(self.asbytes(), other.asbytes())  # noqa
 
     def __eq__(self, other):
-        return self._fields == other._fields
+        return isinstance(other, PKey) and self._fields == other._fields
 
     def __hash__(self):
         return hash(self._fields)
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst
index eb1e07043..21117b8fd 100644
--- a/sites/www/changelog.rst
+++ b/sites/www/changelog.rst
@@ -2,6 +2,12 @@
 Changelog
 =========
 
+- :bug:`1964` (via :issue:`2024` as also reported in :issue:`2023`)
+  `~paramiko.pkey.PKey` instances' ``__eq__`` did not have the usual safety
+  guard in place to ensure they were being compared to another ``PKey`` object,
+  causing occasional spurious ``BadHostKeyException`` (among other things).
+  This has been fixed. Thanks to Shengdun Hua for the original report/patch and
+  to Christopher Papke for the final version of the fix.
 - :bug:`2035` Servers offering certificate variants of hostkey algorithms (eg
   ``ssh-rsa-cert-v01@openssh.com``) could not have their host keys verified by
   Paramiko clients, as it only ever considered non-cert key types for that part
diff --git a/tests/test_pkey.py b/tests/test_pkey.py
index e1a3a362c..3bc0459a4 100644
--- a/tests/test_pkey.py
+++ b/tests/test_pkey.py
@@ -624,6 +624,11 @@ def test_keys_are_comparable(self):
         for key1, key2 in self.keys():
             assert key1 == key2
 
+    def test_keys_are_not_equal_to_other(self):
+        for value in [None, True, ""]:
+            for key1, _ in self.keys():
+                assert key1 != value
+
     def test_keys_are_hashable(self):
         # NOTE: this isn't a great test due to hashseed randomization under
         # Python 3 preventing use of static values, but it does still prove