Ever wondered why sometimes it takes an awful lot of time for the password prompt to show up when trying to SSH into a system running OpenSSH on the local network? I have. And I have always suspected it must have something to do with DNS resolution.
It turns out there is a setting in OpenSSH that controls whether SSHd should not only resolve remote host names but also check whether the resolved host names map back to remote IPs. Apparently, that setting is enabled by default in OpenSSH. The directive UseDNS controls this particular behaviour of OpenSSH, and while it is commented in sshd_config (which is the default configuration file for the OpenSSH daemon in most enviornments), as per the man page for sshd_config, the default for UseDNS is set to enabled. Uncommenting the line carrying the UseDNS directive and setting it to “no” disables the feature.