[CentOS] Fwd: Heads up: OpenSSH users
Timo Schöler
lists at riscworks.net
Thu Jan 14 17:18:58 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 01/14/2016 06:05 PM, Timo Schöler wrote:
> On 01/14/2016 05:34 PM, m.roth at 5-cent.us wrote:
>> Michael H wrote:
>>> Probably worth a read...
>>>
>>> http://www.openssh.com/txt/release-7.1p2
>>>
>>>> Important SSH patch coming soon. For now, everyone on all
>>>> operating systems, please do the following:
>>>>
>>>> Add undocumented "UseRoaming no" to ssh_config or use
>>>> "-oUseRoaming=no" to prevent upcoming #openssh client bug
>>>> CVE-2016-0777. More later.
>>>
>>> echo "UseRoaming no" >> /etc/ssh/ssh_config
>
>> Please clarify - will the update add *Roam* to
>> /etc/ssh/ssh_config?
>
> It will fix the bug.
>
>> I've just checked on two systems that are CentOS 7, a server, and
>> a workstation that I literally built yesterday, and grep -i on
>> both reports "no, not here".
>
> Yes, as it's undocumented, but enabled since about 2010.
FYI:
https://github.com/openssh/openssh-portable/search?q=AppGate+Network+Sec
urity+AB
> Even OpenBSD 5.9 (pre-release, it's going to be released on May
> 1st, 2016) does not mention it.
>
> Timo
>
>> mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iF4EAREIAAYFAlaX2IIACgkQuSPmkPhAW0rh0AD+Kje8MZE5xlnK1YQlH1H7oFgK
M6JOfkgiWt3gvdzOjewA/RgopaQKm7YkdIgiiVRCVoKtUaRVieBr6xz/SccrISFR
=94uA
-----END PGP SIGNATURE-----
More information about the CentOS
mailing list