Best-practices for ssh & sshd with round-robin DNS or failover virtual IPs pointing to cluster nodes
Issue
-
We have client machines connecting via ssh to a virtual IP (which automatically switches over to different systems) or to a round-robin DNS name (which returns multiple ip addrs on multiple different systems) and things don't work properly --
ssh
complains about RSA host keys differing, e.g.:Warning: the RSA host key for 'sshd.example.com' differs from the key for the IP address '10.0.1.1'
The systems behind the virtual IP / round-robin DNS are virtually identical. They serve the same purpose. What's the best way to configure
ssh
on the client orsshd
on the server to handle this situation?
Environment
- Red Hat Enterprise Linux
- OpenSSH
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.