diff --git a/releasenotes/notes/fix_ssh-known-hosts-2520b9d6f67458b7.yaml b/releasenotes/notes/fix_ssh-known-hosts-2520b9d6f67458b7.yaml
new file mode 100644
index 000000000..68cef23b7
--- /dev/null
+++ b/releasenotes/notes/fix_ssh-known-hosts-2520b9d6f67458b7.yaml
@@ -0,0 +1,10 @@
+---
+fixes:
+  - |
+    Previously the tripleo-ssh-known-hosts ansible role used the list of
+    network names to create the different possible hostnames in the
+    ssh_known_hosts file. The network names do not match the actual network
+    hostnames, like internal_api vs. internalapi which results in ssh host
+    verification to fail and e.g. live migration to fail.
+    This changes to use the _hostname inventory information to be used to add
+    hostname information to the ssh_known_hosts file.
diff --git a/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml b/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml
index 27c6713e5..dcb1d9f72 100644
--- a/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml
+++ b/tripleo_ansible/roles/tripleo-ssh-known-hosts/tasks/main.yml
@@ -52,8 +52,8 @@
           {%- if enabled_networks | length > 0 and role_networks and role_networks | length > 0 %},
           {%- for network in enabled_networks %}
           {%- if network in role_networks %}
-          [{{ hostvars[host][networks[network]['name'] ~ '_ip'] }}]*,[{{ host }}.{{ networks[network]['name'] }}]*,{% if 1 %}{% endif %}
-          [{{ host }}.{{ networks[network]['name'] }}.{{ cloud_domain }}]*{% if not loop.last %},{% endif %}
+          [{{ hostvars[host][networks[network]['name'] ~ '_ip'] }}]*,[{{ host }}.{{ networks[network]['name'] | replace("_", "") }}]*,{% if 1 %}{% endif %}
+          [{{ hostvars[host][networks[network]['name'] ~ '_hostname'] }}]*{% if not loop.last %},{% endif %}
           {%- endif -%}
           {%- endfor -%}
           {%- endif -%}