openssh relies on RRSIG records to verify the remote key using DNSSEC and SSHFP resource records. See VerifyHostKeyDNS under ssh_config. systemd-resolve breaks this.
Here is a detailed blog article that covers the issue in depth: https://moss.sh/name-resolution-issue-systemd-resolved/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1624320 Title: systemd-resolved appends 127.0.0.53 to resolv.conf alongside existing entries To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
