diff --git a/orchestrate.py b/orchestrate.py
index c9ef33c3cacaa51c667bb77e9e449a9a80d46c2a..a74b10321065de253043e2f155b4cb2295565000 100755
--- a/orchestrate.py
+++ b/orchestrate.py
@@ -147,16 +147,10 @@ if 'init' in args.actions:
         # the frontend to all nodes
         ['ssh', '-o', 'ForwardAgent=yes', '%s@%s' % (user, master_ip), cycle_all]
     ]
-    for node in hosts.keys():
-        # skip the frontend - covered by the command above
-        if node == master_hostname:
-            continue
-        # the node to all nodes
-        commands += [
-            ['ssh', '-o', 'ForwardAgent=yes', '%s@%s' % (user, master_ip),
-             'ssh -o ForwardAgent=yes %s \'%s\'' % ('%s.%s' % (node, d), cycle_all)],
-        ]
     for ip in hosts.values():
+        # check the special case if it is not already frontend ('ssh-keygen -R' would be a problem)
+        if ip == master_ip:
+            continue
         commands += [
             ['ssh-keygen', '-R', ip],
             ['ssh', '-o', 'ForwardAgent=yes', '-o', 'ProxyCommand=ssh -W %s:22 -q %s@%s' %
@@ -165,6 +159,17 @@ if 'init' in args.actions:
     commands += [
         ['ansible', '-i', './inventory', '-m', 'copy', '-a', 'src=hosts dest=/etc/hosts', 'nodes'],
     ]
+    # node to node ssh keys
+    # (after the /etc/hosts is distributed)
+    for node in hosts.keys():
+        # skip the frontend - already covered
+        if node == master_hostname:
+            continue
+        # the node to all nodes
+        commands += [
+            ['ssh', '-o', 'ForwardAgent=yes', '%s@%s' % (user, master_ip),
+             'ssh -o ForwardAgent=yes %s \'%s\'' % ('%s.%s' % (node, d), cycle_all)],
+        ]
     perform_action('init', commands)
 
 if 'wait' in args.actions: