Re: ssh host ip/id management for dynamic dns servers

[Brian <ad44@cityscape.co.uk>]

On Tue 11 Feb 2014 at 15:22:26 +0200, Lars Noodén wrote:

> ssh-keygen -r checks the SSHFP record in DNS.  Use grep or something to
> check known_hosts.  For me, ssh-keygen -R does not remove all the
> dynamically generated host keys, however.  I've not yet identified what
> confounds ssh-keygen.

The -F option should tell you what is in known_hosts; the hostname can
be a name or an IP address. If

   ssh <name>

is used two lines are entered into known_hosts and two invocations with
'ssh-keygen -R' are needed to clear the file. With

   ssh <IP address>

only one line is produced.

Could this explain your observation?