[CentOS] Fwd: Heads up: OpenSSH users

Timo Schöler lists at riscworks.net
Thu Jan 14 17:08:19 UTC 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 01/14/2016 05:34 PM, m.roth at 5-cent.us wrote:
> Michael H wrote:
>> Probably worth a read...
>> 
>> http://www.openssh.com/txt/release-7.1p2
>> 
>>> Important SSH patch coming soon.  For now, everyone on all 
>>> operating systems, please do the following:
>>> 
>>> Add undocumented "UseRoaming no" to ssh_config or use 
>>> "-oUseRoaming=no" to prevent upcoming #openssh client bug 
>>> CVE-2016-0777. More later.
>> 
>> echo "UseRoaming no" >> /etc/ssh/ssh_config
> 
> Please clarify - will the update add *Roam* to 
> /etc/ssh/ssh_config?

It will fix the bug.

> I've just checked on two systems that are CentOS 7, a server, and
> a workstation that I literally built yesterday, and grep -i on
> both reports "no, not here".

Yes, as it's undocumented, but enabled since about 2010. Even OpenBSD
5.9 (pre-release, it's going to be released on May 1st, 2016) does not
mention it.

Timo

> mark


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iF4EAREIAAYFAlaX1gIACgkQuSPmkPhAW0pYsQD/YtMb9XpnIY+GZWJUfjUB/ktS
6KcEMUIB3wjXgBI609MA/03tx8mOMUIzrixR6Sjb3FaLvoN45WD61OKfAtLSdNw6
=1Vbf
-----END PGP SIGNATURE-----
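An added example, not part of the original thread: a check of whether a given ssh_config actually disables roaming for every host after the append command quoted above has been run. It relies on two ssh_config(5) rules: the first value obtained for an option wins, and lines after a `Host` or `Match` line apply only to that block. The function name `roaming_status`, its three result words and the sample host `build01` are assumptions made for this example.

```shell
#!/bin/sh
# roaming_status FILE: classify how an ssh_config file sets UseRoaming.
#   disabled    "UseRoaming no" is the first value every host obtains
#   incomplete  set, but host-specific only or preceded by another value
#   unset       no UseRoaming line at all
roaming_status() {
    awk '
    BEGIN { all = 1 }   # lines before any Host/Match apply to every host
    {
        line = $0
        sub(/^[ \t]+/, "", line); sub(/[ \t\r]+$/, "", line)
        if (line == "" || line ~ /^#/) next
        # "Keyword=value" and "Keyword = value" are accepted spellings
        if (line ~ /^[A-Za-z]+[ \t]*=/) sub(/[ \t]*=[ \t]*/, " ", line)
        n = split(line, f, /[ \t]+/)
        key = tolower(f[1]); val = tolower(f[2]); gsub(/"/, "", val)
        if (key == "host")  { all = (n == 2 && f[2] == "*"); next }
        if (key == "match") { all = 0; next }   # conservative: host-specific
        if (key != "useroaming") next
        seen = 1
        if (decided) next            # first obtained value already fixed
        if (val != "no") bad = 1     # an earlier non-"no" value wins where it applies
        if (all) decided = 1
    }
    END {
        if (!seen) print "unset"
        else if (decided && !bad) print "disabled"
        else print "incomplete"
    }' "$1"
}

# Constructed sample: a config that ends in a host-specific block, as it
# looks after "UseRoaming no" has been appended to the end of the file.
sample=$(mktemp)
printf '%s\n' 'Host build01' '    User deploy' 'UseRoaming no' > "$sample"
echo "appended after a Host block: $(roaming_status "$sample")"   # incomplete
rm -f "$sample"
```

A `UseRoaming no` line placed at the top of the file, before the first `Host` block, yields `disabled` regardless of what follows.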


