HostOnNet Blog

OpenSSH client Vulnerability CVE-2016-0777


OpenSSH client have a critical vlunerability, this allow compromised servers steal your private key.

This is because an expeirmental feature in SSH Client, UseRoaming is enabled by default.

You can find more about this bug at

With latest version, this feature is disabled.

If you using SSH Client on your server or home computer, you should edit /etc/ssh/ssh_config and add

UseRoaming no

Posted in Security