Bug 746 - host authentication requires RSA1 keys
Summary: host authentication requires RSA1 keys
Status: CLOSED DUPLICATE of bug 747
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Documentation
Version: 3.7p1
Hardware: All Linux
Importance: P2 normal
Assignee: OpenSSH Bugzilla mailing list
Reported: 2003-10-21 09:17 AEST by Glenn Burkhardt
Modified: 2004-04-14 12:24 AEST

Description Glenn Burkhardt 2003-10-21 09:17:14 AEST
The documentation indicates that /etc/ssh/ssh_known_hosts can be built from 
entries in the per-user ~/.ssh/known_hosts file. However, the entry must have
an RSA1 key; any other key type will not work.

In the 'ssh' man page:

"If the server machine does not have the client's host key in
 /etc/ssh/ssh_known_hosts, it can be stored in $HOME/.ssh/known_hosts.
 The easiest way to do this is to connect back to the client from the
 server machine using ssh; this will automatically add the host key to
 $HOME/.ssh/known_hosts."

The key put in the user's known_hosts file is 'ssh-rsa', which will not work for 
host based authentication in /etc/ssh/ssh_known_hosts.

In monitor.c, at about line 962 the type of the key passed to key_read() is
fixed:

		case MM_RSAHOSTKEY:
			key->type = KEY_RSA1; /* XXX */
			allowed = options.rhosts_rsa_authentication &&
			    auth_rhosts_rsa_key_allowed(authctxt->pw,
			    cuser, chost, key);

In addition, the host's IP address is required in the key definition
in /etc/ssh/ssh_known_hosts; the symbolic host name won't work. 

Here's a workaround for the problem, which could be included in the
documentation.  Use

        ssh-keyscan -t rsa1 192.168.2.30 > ssh_known_hosts

where the actual host's IP address should be substituted for "192.168.2.30".
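The following script is an added example for auditing the result of the workaround above; it is not part of the bug report or of OpenSSH. It relies on two facts about the known_hosts format of that era: a protocol 1 (RSA1) host key is stored as "host bits exponent modulus", all three key fields decimal, while a protocol 2 key is stored as a type token such as "ssh-rsa" or "ssh-dss" followed by a base64 blob. Since the report says the host field must be the IP address, the check also flags RSA1 entries keyed only by a symbolic name. The sample ssh_known_hosts content is constructed for the example, not taken from a real system, and the function names are the example's own. Note that protocol 1 support, including "ssh-keyscan -t rsa1", was removed entirely in OpenSSH 7.6, so the reporter's command only works on releases of the 3.x era.

```shell
#!/bin/sh
# Added example (not from the bug report or OpenSSH): classify
# ssh_known_hosts lines the way the 3.7p1-era rhosts-RSA host check
# needs them.  RSA1 entries look like "host bits exponent modulus";
# protocol 2 entries look like "host ssh-rsa <base64>".

# Print "rsa1", "ssh2" or "unknown" for one known_hosts line.
key_format() {
    set -- $1                      # split the line into fields
    if [ $# -ge 4 ]; then
        case "$2$3$4" in
            *[!0-9]*) ;;           # some key field is not decimal
            *) echo rsa1; return 0 ;;
        esac
    fi
    if [ $# -ge 3 ]; then
        case "$2" in
            ssh-rsa|ssh-dss) echo ssh2; return 0 ;;
        esac
    fi
    echo unknown
    return 0
}

# Succeed if $1 is a dotted-quad IPv4 address with octets in 0..255.
host_is_ipv4() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    return 0
}

# Succeed if any element of a comma-separated host list is an IPv4 address.
host_list_has_ipv4() {
    old_ifs=$IFS; IFS=,
    set -- $1
    IFS=$old_ifs
    for h in "$@"; do
        host_is_ipv4 "$h" && return 0
    done
    return 1
}

# Print "ok", "not-rsa1" or "host-not-ip" for one known_hosts line,
# i.e. whether the entry would satisfy the check described in the report.
check_entry() {
    line=$1
    set -- $line
    host=$1
    if [ "$(key_format "$line")" != rsa1 ]; then
        echo not-rsa1
    elif host_list_has_ipv4 "$host"; then
        echo ok
    else
        echo host-not-ip
    fi
    return 0
}

# Read known_hosts lines on stdin and print a verdict per line.
audit() {
    while IFS= read -r l; do
        [ -n "$l" ] || continue
        printf '%s\t%s\n' "$(check_entry "$l")" "$l"
    done
}

# Constructed sample content (not a real file): an RSA1 entry keyed by IP,
# an RSA1 entry keyed by name only, and a protocol 2 ssh-rsa entry.
sample='192.168.2.30 1024 35 1234567890123456789
client.example.com 1024 35 1234567890123456789
client.example.com,192.168.2.30 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAexample'

printf '%s\n' "$sample" | audit
```

On a real host of that era the file to feed into audit would be the output of the reporter's "ssh-keyscan -t rsa1 <ip>" appended to /etc/ssh/ssh_known_hosts; only lines reported as "ok" are usable for host-based authentication under the behaviour the report describes.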
Comment 1 Markus Friedl 2003-10-22 19:26:38 AEST

*** This bug has been marked as a duplicate of 747 ***
Comment 2 Damien Miller 2004-04-14 12:24:19 AEST
Mass change of RESOLVED bugs to CLOSED