Comment 4 for bug 242956

Moving this issue. When "options edns0" is turned on (usually in
/etc/resolv.conf), ssh doesn't see it, and fails to request a DNSSEC
response, which in turn leads to SSHFP records being considered
insecure.