Ssh – Why do SSH host keys differ when connecting if the host keys are the same

sshd

There are 3 machines: A (from where I connect to B and C), B, and C.
B and C have the same SSHD host keys (they have been copied, so they are 100% the same; SSHD has been restarted too, and the sshd_config files are identical).

On C the known_hosts file looks like this:

C:~/.ssh # grep B *
C:~/.ssh # grep A *
known_hosts:ssh-rsa xxxx...xxxx
C:~/.ssh # 

When we try to connect from C to A, then "A" offers its RSA host key.
When we try to connect from C to B, then "B" offers its ECDSA host key.

Question: Why? Wouldn't it be logical for the "A" and "B" servers to both offer, e.g., their RSA SSHD host keys?

Best Answer

ECDH/ECDSA keys are preferred when learning a host key for the first time. Since host C already knows host A's RSA key, it keeps using that. But since host C knows nothing about host B's keys, the ECDH/ECDSA key is used.

(I referenced the release notes for 5.7, when ECDH/ECDSA was introduced).

Questions I got: Are both keys needed? Well, yes. Not every install of SSH out there supports ECDSA, so you need RSA (for example, PuTTY doesn't do ECDSA yet).

What happens if I only had ECDSA? Depends on who is trying to contact you. If they support ECDSA, then everything works as expected. If they don't, you'll get a failure of some sort.

Which one is better? I personally don't know. ECDSA requires less horsepower, so I have found it more snappy on older hardware. And since OpenSSH prefers it over RSA, I'm guessing the developers think ECDSA is better.
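The client-side selection the answer describes, as an added example that is not part of the original question or answer and is not OpenSSH code: OpenSSH's ssh client reorders its HostKeyAlgorithms list so that key types it already has in known_hosts for the target host come first, then negotiates from that list, which is why the same server appears to "offer" RSA to one client and ECDSA to another. The script below models that reordering against a constructed known_hosts file with fake key material. The DEFAULT_HOSTKEY_ALGS list is an abbreviation of the 5.7-era default order (ECDSA before RSA); hashed entries are parsed the way HashKnownHosts writes them (|1|base64(salt)|base64(HMAC-SHA1(salt, hostname))); port-qualified [host]:port patterns are not handled.

```python
import base64
import fnmatch
import hashlib
import hmac

# Abbreviated default client HostKeyAlgorithms order of OpenSSH 5.7+:
# ECDSA types precede RSA, so an unknown host is learned via ECDSA.
DEFAULT_HOSTKEY_ALGS = [
    "ecdsa-sha2-nistp256",
    "ecdsa-sha2-nistp384",
    "ecdsa-sha2-nistp521",
    "ssh-rsa",
    "ssh-dss",
]


def hash_hostname(hostname, salt):
    """Encode a hostname as HashKnownHosts does: |1|b64(salt)|b64(HMAC-SHA1(salt, host))."""
    digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(digest).decode())


def host_matches(host_field, hostname):
    """Match one known_hosts host field (plain, comma-separated, wildcard or hashed)."""
    if host_field.startswith("|1|"):
        _, _, salt_b64, digest_b64 = host_field.split("|")
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(digest_b64)
        actual = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(expected, actual)
    patterns = [p for p in host_field.split(",") if p and not p.startswith("!")]
    return any(fnmatch.fnmatchcase(hostname, p) for p in patterns)


def known_key_types(known_hosts_text, hostname):
    """Return the key types (ssh-rsa, ecdsa-sha2-nistp256, ...) stored for hostname."""
    types = []
    for line in known_hosts_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if fields[0].startswith("@"):  # @cert-authority / @revoked marker shifts the fields
            fields = fields[1:]
        if len(fields) < 3:
            continue
        if host_matches(fields[0], hostname) and fields[1] not in types:
            types.append(fields[1])
    return types


def effective_hostkey_algs(known_hosts_text, hostname, defaults=DEFAULT_HOSTKEY_ALGS):
    """Model ssh's reordering: already-known key types move to the front, relative order kept."""
    known = known_key_types(known_hosts_text, hostname)
    preferred = [a for a in defaults if a in known]
    rest = [a for a in defaults if a not in known]
    return preferred + rest


# Constructed sample known_hosts: host A is known by an RSA key (plain entry),
# a second host is stored hashed with an ECDSA key, and host B is absent.
# Key blobs are placeholders, not real keys.
SALT = bytes(range(20))  # fixed salt so the sample is reproducible
KNOWN_HOSTS = "\n".join([
    "# constructed sample file",
    "A ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0placeholderOnly",
    hash_hostname("hashed-host", SALT) + " ecdsa-sha2-nistp256 AAAAE2VjZHNhplaceholderOnly",
]) + "\n"


if __name__ == "__main__":
    for host in ("A", "B", "hashed-host"):
        print(host, "known types:", known_key_types(KNOWN_HOSTS, host))
        print(host, "negotiation order:", effective_hostkey_algs(KNOWN_HOSTS, host))
```

Running it shows A negotiated with ssh-rsa first (the stored type) and B with ecdsa-sha2-nistp256 first (the default order), exactly the asymmetry the question observed. Two practical checks follow from this: a `grep B known_hosts` as in the question finds nothing when HashKnownHosts is on, even if B is stored, so a false negative there is possible; and `ssh -v B` prints which host key type the server actually sent, while `ssh -o HostKeyAlgorithms=ssh-rsa B` forces the RSA key so its fingerprint can be compared with C's.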
