Logcheck on a couple of Debian Squeeze servers has been sending me some errors for a while and I finally got time to track down the cause. The errors looked like this:

Aug  5 07:00:56 build1 ssh: getaddrinfo*.gaih_getanswer: got type "SOA"

It turns out that this is due to some scripted outbound ssh connections (in this case Jenkins polling a git repository). To make the connection, ssh was performing an A and AAAA DNS queries. The A query was working and the AAAA query was returning an empty response (which means it just includes an SOA record). This was causing the above error. The ssh connections still continued correctly with the A result.

One solution to this would be to add a rule to logcheck so I don't get emailed about a non-critical message. I've seen other examples of this for similar (not from ssh) instances of the error.

However as these systems are not currently connected to an IPv6 network and probably wont be for a while, I decided to tell ssh not to bother with the AAAA query. This is easy to do by adding the following to /etc/ssh/ssh_config (or the per user config):

Host *
    AddressFamily inet