I reported this a while back and people thought it might be the dns server's issue, but looking at the code the problem is that the patched version of tcpd.c that enables it to work for ipv6, DISABLES it working for ipv4. Does anyone know who is responsible for the tcp_wrappers/libwrap/tcpd package? I had to turn off full checking in tcpd and set it for 'warn only', (if it checked instead of warn'ed it would lock me out). The warning / problem message look like: May 23 15:34:56 Ishtar sshd[39364]: warning: /etc/hosts.allow, line 63: host name mismatch: Athenae != (null) (::ffff:192.168.4.12) Athenae didn't have an ipv6 addr because the server has no ipv6 interfaces. tcpd was setup to only query for dns on ipv6... Now can login with no warnings, but I don't have an ipv6 to immediately test this on. But the same binary should work now for both ipv4 and ipv6 enabled kernels. I check for presence of /proc/sys/net/ipv6 . If it exists, I use the ipv6 code path else use the ipv4 code path. I did verify if I manually set the flag to ipv6 mode, I got the warning again as before, but in the mode where it tests for the proc dir existence, I don't. Attached is a diff against lastest factory source that should fix the problem If the maintainer could look it over and give it a run on an ipv6 enabled machine, and either include in suse's product, or better, feed it back upstream (it was looking at the source changes upstream that gave me the idea that they'd done a quick ipv6 job) that's be great..? It was a quick job, but I think I have confidence enough in it to submit it here. Can it be integrated if it is ok? It fixes a long outstanding problem in the tcpd code...