-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 01/14/2016 05:34 PM, m.roth@5-cent.us wrote:
Michael H wrote:
Probably worth a read...
http://www.openssh.com/txt/release-7.1p2
Important SSH patch coming soon. For now, everyone on all operating systems, please do the following:
Add undocumented "UseRoaming no" to ssh_config or use "-oUseRoaming=no" to prevent upcoming #openssh client bug CVE-2016-0777. More later.
echo "UseRoaming no" >> /etc/ssh/ssh_config
Please clarify - will the update add *Roam* to /etc/ssh/ssh_config?
It will fix the bug.
I've just checked on two systems that are CentOS 7, a server, and a workstation that I literally built yesterday, and grep -i on both reports "no, not here".
Yes, as it's undocumented, but enabled since about 2010. Even OpenBSD 5.9 (pre-release, it's going to be released on May 1st, 2016) does not mention it.
Timo
mark