Moving this issue. When "options edns0" is turned on (usually in /etc/resolv.conf), ssh doesn't see it, and fails to request a DNSSEC response, which in turn leads to SSHFP records being considered insecure.
Moving this issue. When "options edns0" is turned on (usually in
/etc/resolv.conf), ssh doesn't see it, and fails to request a DNSSEC
response, which in turn leads to SSHFP records being considered
insecure.