[CentOS] Fwd: Heads up: OpenSSH users
Timo Schöler
lists at riscworks.net
Thu Jan 14 17:08:19 UTC 2016
On 01/14/2016 05:34 PM, m.roth at 5-cent.us wrote:
> Michael H wrote:
>> Probably worth a read...
>>
>> http://www.openssh.com/txt/release-7.1p2
>>
>>> Important SSH patch coming soon. For now, everyone on all
>>> operating systems, please do the following:
>>>
>>> Add undocumented "UseRoaming no" to ssh_config or use
>>> "-oUseRoaming=no" to prevent upcoming #openssh client bug
>>> CVE-2016-0777. More later.
>>
>> echo "UseRoaming no" >> /etc/ssh/ssh_config
>
> Please clarify - will the update add *Roam* to
> /etc/ssh/ssh_config?

It will fix the bug.

> I've just checked on two systems that are CentOS 7, a server, and
> a workstation that I literally built yesterday, and grep -i on
> both reports "no, not here".

Yes, as it's undocumented, but enabled since about 2010. Even OpenBSD
5.9 (pre-release, it's going to be released on May 1st, 2016) does not
mention it.

Timo

> mark
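
An added example, not part of the thread above: the quoted echo one-liner appends to the end of ssh_config, where the line can land inside the last Host block and cover only that host. This sketch checks whether "UseRoaming no" is in effect for every host and prepends it if not. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). ssh_config uses the first value obtained
# for each option; lines after a Host or Match line apply only to that block.

# roaming_disabled FILE: succeed only if FILE sets "UseRoaming no" for all hosts.
roaming_disabled() {
    awk '
        BEGIN { global = 1; ok = 0 }            # top of file is global scope
        /^[ \t]*#/ || /^[ \t]*$/ { next }       # skip comments and blank lines
        {
            line = tolower($0)
            gsub(/[="]/, " ", line)             # accept Key=value and quoting
            n = split(line, f)
        }
        f[1] == "host"  { global = (n == 2 && f[2] == "*"); next }
        f[1] == "match" { global = 0; next }    # treated as host-specific here
        f[1] == "useroaming" {
            if (f[2] != "no") { ok = 0; exit }  # an earlier non-"no" value wins
            if (global)       { ok = 1; exit }  # first global "no" settles it
        }
        END { exit (ok ? 0 : 1) }
    ' "$1"
}

# ensure_noroaming FILE: prepend the setting when the check fails, so it is the
# first value read from FILE; the file is rewritten in place (owner/mode kept).
ensure_noroaming() {
    roaming_disabled "$1" && return 0
    tmp=$(mktemp) || return 1
    { printf 'UseRoaming no\n'; cat "$1"; } > "$tmp" && cat "$tmp" > "$1"
    status=$?
    rm -f "$tmp"
    return "$status"
}

# Constructed sample: the appended line has landed inside the "Host bastion" block.
demo=$(mktemp)
printf '%s\n' 'Host bastion' '    User admin' 'UseRoaming no' > "$demo"
roaming_disabled "$demo" || echo "not global: setting only covers Host bastion"
ensure_noroaming "$demo" && head -n 1 "$demo"
rm -f "$demo"
```

To apply it for real, call ensure_noroaming on /etc/ssh/ssh_config as root, or on ~/.ssh/config, which ssh reads before the system-wide file.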