On Thu, Jan 14, 2016 at 11:34:18AM -0500, m.roth at 5-cent.us wrote: > Michael H wrote: > > Probably worth a read... > > > > http://www.openssh.com/txt/release-7.1p2 > > > >> Important SSH patch coming soon. For now, everyone on all operating > >> systems, please do the following: > >> > >> Add undocumented "UseRoaming no" to ssh_config or use "-oUseRoaming=no" > >> to prevent upcoming #openssh client bug CVE-2016-0777. More later. > > > > echo "UseRoaming no" >> /etc/ssh/ssh_config > > Please clarify - will the update add *Roam* to /etc/ssh/ssh_config? I've > just checked on two systems that are CentOS 7, a server, and a workstation > that I literally built yesterday, and grep -i on both reports "no, not > here". > That came from Theo (OpenBSD's Theo) and was called undocumented. So, my guess is that, in the client (not the server) there is a default of UseRoaming that doesn't show in the config file. Note that this is something that affects ssh clients, not servers. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6