Possible break-in attempt?

[Miroslav Lachman]

Grzegorz Junka wrote on 2018/07/21 21:29:

[...]

>>>> There is no point to this foolishly alarming message. Be mindful of 
>>>> the OTHER ways you must surely have in place to keep your sshd hard 
>>>> against attack.
>>>>
>>> Good to know. But the documentation says setting to no prevents from 
>>> using DNS in known_hosts. When I look into my known_hosts I see many 
>>> dns-only names, e.g. github.com among others.
>>>
>>> GrzegorzJ
>> In which man page or web page are you seeing this information?
> 
>  > man sshd_config
> 
>       UseDNS  Specifies whether sshd(8) should look up the remote host 
> name,
>               and to check that the resolved host name for the remote IP
>               address maps back to the very same IP address.
> 
>               If this option is set to “no”, then only addresses and not 
> host
>               names may be used in ~/.ssh/known_hosts from and sshd_config
>               Match Host directives.  The default is “yes”.

What version of FreeBSD do you have?
On FreeBSD 10.4 there is

UseDNS  Specifies whether sshd(8) should look up the remote host name,
	and to check that the resolved host name for the remote IP
	address maps back to the very same IP address.

	If this option is set to “no”, then only addresses and not host
	names may be used in ~/.ssh/authorized_keys from and sshd_config
	Match Host directives.  The default is “yes”.

And I don't think sshd_config should have any impact on client 
configuration (known_hosts). It is controlled by ssh_config.

Miroslav Lachman