HostOnNet Blog

OpenSSH client Vulnerability CVE-2016-0777

Looking for Linux Server Admin or WordPress Expert? We can help.

openssh

OpenSSH client have a critical vlunerability, this allow compromised servers steal your private key.

This is because an expeirmental feature in SSH Client, UseRoaming is enabled by default.

You can find more about this bug at

http://www.openssh.com/txt/release-7.1p2

With latest version, this feature is disabled.

If you using SSH Client on your server or home computer, you should edit /etc/ssh/ssh_config and add

UseRoaming no


Posted in Security

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.