Best-practices for ssh & sshd with round-robin DNS or failover virtual IPs pointing to cluster nodes

Solution Unverified - Updated -

Issue

  • We have client machines connecting via ssh to a virtual IP (which automatically switches over to different systems) or to a round-robin DNS name (which returns multiple ip addrs on multiple different systems) and things don't work properly -- ssh complains about RSA host keys differing, e.g.:

    Warning: the RSA host key for 'sshd.example.com' differs from the key for the IP address '10.0.1.1'

    The systems behind the virtual IP / round-robin DNS are virtually identical. They serve the same purpose. What's the best way to configure ssh on the client or sshd on the server to handle this situation?

Environment

  • Red Hat Enterprise Linux
  • OpenSSH

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content