HostOnNet Blog

OpenSSH client Vulnerability CVE-2016-0777

Posted on January 15, 2016 by admin

Looking for Linux Server Admin or WordPress Expert? We can help.

Contact Us

openssh

OpenSSH client have a critical vlunerability, this allow compromised servers steal your private key.

This is because an expeirmental feature in SSH Client, UseRoaming is enabled by default.

You can find more about this bug at

http://www.openssh.com/txt/release-7.1p2

With latest version, this feature is disabled.

If you using SSH Client on your server or home computer, you should edit /etc/ssh/ssh_config and add

UseRoaming no

Posted in Security

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.