diff --git a/cmd/install.go b/cmd/install.go
index 69c5115..44f9f9e 100644
--- a/cmd/install.go
+++ b/cmd/install.go
@@ -37,6 +37,10 @@ func getSshConfigs(user string, verify bool, version [2]int64) []SshConfig {
 		sshconfigs = append(sshconfigs, SshConfig{"PasswordAuthentication", "no"})
 	}
 
+	if *useDNS {
+		sshconfigs = append(sshconfigs, SshConfig{"UseDNS", "yes"})
+	}
+
 	return sshconfigs
 }
 
diff --git a/cmd/root.go b/cmd/root.go
index 8ceaf74..a91531a 100644
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -33,6 +33,7 @@ var sshFingerprint = flag.String("fingerprint", "", "The fingerprint of the key
 var cfgHostnamePrefix = flag.String("hostname-prefix", "", "Add a prefix to hostname when query server")
 var cfgHostnameSuffix = flag.String("hostname-suffix", "", "Add a suffix to hostname when query server")
 var passwordAuthentication = flag.Bool("with-password-authentication", false, "sshd: do not disable PasswordAuthentication (Use it only when testing!)")
+var useDNS = flag.Bool("with-use-dns", false, "sshd: set UseDNS option to yes - required when using hostnames/FQDNs in AuthorizedKeys 'from' directives")
 
 func Execute() {
 	flag.Usage = func() {