Helpdesk Support

Official Supportmonk Company Blog!

Open SSH client bug CVE-2016-0777 – Security Update Issued

January 15, 2016 , 5:25 pm

A critical flaw has been identified in the OpenSSH CLIENT that could lead to serious security implications.

How to fix?
Add the option ‘UseRoaming no’ to your /etc/ssh/ssh_config file or start your ssh client with -oUseRoaming=no included on the ssh command line.

                           ie, echo ‘UseRoaming no’ >> /etc/ssh/ssh_config
sudo sh -c ‘echo UseRoaming \”no\” >> /etc/ssh/ssh_config’

It’s being reported that it effects only on Centos 7 servers and they can update OpenSSH using yum.

           #yum update openssh

Outsourced Customer Support