I am aware of the keys and authorized hosts files for SSH, but they apply to SSH authorization - if they were not configured properly, I would not be able to connect using the current IP addresses for those dyndns hosts either (and I've verified I am able to connect using their respective addresses).
I have used ddclient in the past, but currently have the router configured to update the IP address for one host, and the other host has its own dyndns client. On my end, however, ddclient wouldn't do anything - it's purpose is to send a client machine's current IP address to the dyndns servers, so that queries for that client machine's address return the current IP address. I have already verified that manual DNS lookups for both clients do return the proper IP addresses, the hosts.allow/deny files just don't seem to query the hostnames for their IP addresses.
So, still at the same point, but again, thanks for the suggestions.
For what it is worth, I've found that if I put the hostnames into the /etc/hosts file with fixed IP addresses, hosts.allow/deny will resolve the hostnames. This would be fine if they were static addresses, but since they are dynamic, they change quite often - for a mobile device, it could change several times in a single day. I've considered setting up a cron job to update the addresses in the /etc/hosts file at a regular interval, but it'd be nice if there was a better/cleaner way to keep the addresses updated (like querying for the address as it is accessed). Anyone have any thoughts?