Troubleshooting DNS Resolution Failure in SSH After macOS Snow Leopard Upgrade: A Developer’s Guide


23 views

html

While upgrading to Snow Leopard brought many improvements, some developers noticed an odd behavior when trying to SSH using hostnames:

$ ssh nevada
ssh: Could not resolve hostname nevada: nodename nor servname provided, or not known

Yet DNS resolution works fine when using nslookup:

$ nslookup nevada
Server:     10.94.62.3
Address:    10.94.62.3#53

Name:   nevada.example.com
Address: 10.94.62.3

The root cause appears to be changes in how Snow Leopard handles DNS resolution. The system's mDNSResponder (Bonjour) and the resolver configuration were significantly modified. Here's what's happening:

  • Traditional Unix name resolution (/etc/resolv.conf) was replaced with a new dynamic configuration system
  • The search domain behavior changed in subtle ways
  • SSH might not be using the full resolver stack properly

Solution 1: Force full DNS resolution

Try using the fully qualified domain name:

$ ssh nevada.example.com

If this works, you can create or modify your SSH config:

# ~/.ssh/config
Host nevada
    HostName nevada.example.com

Solution 2: Modify system resolver configuration

Edit /etc/resolv.conf (may need sudo):

search example.com
nameserver 10.94.62.3

Or create /etc/resolver/example.com:

domain example.com
nameserver 10.94.62.3

Solution 3: Use scutil to configure DNS

Snow Leopard prefers the System Configuration framework:

$ scutil --dns
$ networksetup -setsearchdomains "Thunderbolt Ethernet" example.com

To see exactly how resolution is failing:

$ dscacheutil -q host -a name nevada
$ dig nevada.example.com
$ ssh -v nevada  # Verbose SSH output

For persistent issues, consider modifying /etc/nsswitch.conf:

hosts: files mdns4 dns

Here's a shell script to verify and fix common issues:

#!/bin/bash

# Verify DNS resolution
check_dns() {
    local host=$1
    if ! host "$host" &> /dev/null; then
        echo "[ERROR] Cannot resolve $host"
        return 1
    fi
    return 0
}

# Main script
HOST="nevada"
check_dns "$HOST" || {
    echo "Attempting fixes..."
    # Add search domain if missing
    if ! grep -q "search example.com" /etc/resolv.conf; then
        echo "Adding search domain..."
        echo "search example.com" >> /etc/resolv.conf
    fi
    
    # Verify mDNS responder
    sudo killall -HUP mDNSResponder
}

I recently encountered an odd issue after upgrading to Snow Leopard where SSH suddenly stopped resolving hostnames, despite DNS lookups working perfectly through nslookup. Here's the exact scenario:

~: nslookup nevada
Server:     10.94.62.3
Address:    10.94.62.3#53

Name:   nevada.example.com
Address: 10.94.62.3

~: ssh nevada
ssh: Could not resolve hostname nevada: nodename nor servname provided, or not known

Snow Leopard made significant changes to the name resolution stack. The system now prefers mdnsresponder (mDNSResponder-320.5) over the traditional Unix name resolution methods. To verify:

$ scutil --dns
DNS configuration

resolver #1
  nameserver[0] : 10.94.62.3
  if_index : 4 (en0)
  flags    : Request A records
  reach    : 0x00000002 (Reachable)

The key discovery was that Snow Leopard handles search domains differently. While nslookup uses pure DNS, SSH relies on the system resolver which needs proper search domain configuration:

$ cat /etc/resolv.conf
# This file is automatically generated.
domain example.com
nameserver 10.94.62.3

For immediate results, modify your SSH config to use FQDNs:

# ~/.ssh/config
Host nevada
    HostName nevada.example.com
    User yourusername

Alternatively, ensure your DNS search domains are properly set in System Preferences:

$ networksetup -getsearchdomains "Ethernet"
example.com
internal.example.com

For those who prefer short hostnames, here's a bash function to append the domain automatically:

function ssh() {
    if [[ $1 == *.* ]]; then
        /usr/bin/ssh "$@"
    else
        /usr/bin/ssh "$1.example.com" "${@:2}"
    fi
}