Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion

Hosting Discussion > Web Hosting Forums > Web Hosting Discussion > latest bug in open ssh client
forgot password?


  Post #1 (permalink)   02-19-2017, 08:38 AM
HD Newbie
Join Date: Feb 2017
Location: Oman
Posts: 40

Status: hostgliders is offline
If you are using openssh client please listen;

A serious bug has been identified in the OpenSSH CLIENT that could lead to serious security breachs.


To fix

Add the option ‘UseRoaming no’ to your /etc/ssh/ssh_config file or start your ssh client with -oUseRoaming=no included on the ssh command line.
ie, echo ‘UseRoaming no’ >> /etc/ssh/ssh_config


sudo sh -c ‘echo UseRoaming \”no\” >> /etc/ssh/ssh_config’

It’s being reported that it effects only on Centos 7 servers and they can update OpenSSH using yum.
#yum update openssh

Host Gliders

  Post #2 (permalink)   02-20-2017, 10:38 PM
HD Addict
Join Date: Aug 2015
Posts: 127

Status: bigredseo is offline
Do you have a link to the security release information?

I did a search on Google but nothing much popped up in the feed for new issues. Some info on issues back in January 2016, but I didn't see much recently.
Conor Treacy
Big Red SEO - Omaha, NE <- That's Me! ;)

  Post #3 (permalink)   02-20-2017, 11:31 PM
HD Newbie
Join Date: Mar 2016
Posts: 36

Status: praveenk is offline
Please check following bug, I hope it will help.
__________________ - Reliable Web Hosting Provider
E-commerce Ready Hosting | Pure SSD Cloud/VPS | Offshore Dedicated Server
24/7 Reliable Tech Support | Monitoring Service | R1Soft Backup

  Post #4 (permalink)   02-21-2017, 12:54 AM
HD Master
Join Date: Sep 2014
Location: India
Posts: 261
Send a message via Skype™ to 24x7server

Status: 24x7server is online now

---------------- ----------------
rpm -qa | grep openssh
rpm -q <result from above> --changelog | grep CVE-2016-0777
---------------- ----------------

You can check if the patch is applied or not through the above commands..
Server Management, Server Security, Server Monitoring.
Network Monitoring Team !! Skype: techs24x7

  Post #5 (permalink)   02-23-2017, 06:43 PM
HD Addict
Join Date: Aug 2015
Posts: 127

Status: bigredseo is offline
That's certainly one that I had seen, however if you check the dates on that bug, it's from January 2016 and was patched at that time.

The OP made it sound like there was a NEW bug that was out there, but I guess they were just padding their posting score.

Nothing to see here - please move along.
Conor Treacy
Big Red SEO - Omaha, NE <- That's Me! ;)

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: