diff --git a/roles/ipaclient/defaults/main.yml b/roles/ipaclient/defaults/main.yml
index a7aedf9711f7ca838273dc4c358848b00b958490..da013cfd07e48a298ea23f9124250a88e942d107 100644
--- a/roles/ipaclient/defaults/main.yml
+++ b/roles/ipaclient/defaults/main.yml
@@ -10,3 +10,4 @@ ipaclient_allow_repair: no
 ipaclient_on_master: no
 ipaclient_no_ntp: no
 ipaclient_no_dns_lookup: no
+ipaclient_ssh_trust_dns: no
diff --git a/roles/ipareplica/defaults/main.yml b/roles/ipareplica/defaults/main.yml
index fb8c904bd1d37cfcd790e32e3628ccac3c87b822..5314df5cd7fead14738bdd166244e862f1b51fde 100644
--- a/roles/ipareplica/defaults/main.yml
+++ b/roles/ipareplica/defaults/main.yml
@@ -19,6 +19,7 @@ ipaclient_no_ntp: no
 #ipaclient_no_ssh: no
 #ipaclient_no_sshd: no
 #ipaclient_no_dns_sshfp: no
+ipaclient_ssh_trust_dns: no
 ### certificate system ###
 ipareplica_skip_schema_check: no
 ### dns ###