moin moin,
disable UseRoaming in your config.
echo "UseRoaming no" | sudo tee -a /etc/ssh/ssh_config
*or*
echo "UseRoaming no" >>~/.ssh/config
or both.
If you only connect to save ssh servers you should be fine, but this bug
could be exploited to disclose private keys.
Not sure why a test feature was enabled by default, especially one that
can leak private keys.
UseRoaming looks to me like something that should explicitly be disabled
by default in the config files just to be sure.
The patch is removing the parts that start up roaming in the client.
http://undeadly.org/cgi?action=article&sid=20160114142733&mode=expanded
ciao,
der.hans
--
# http://www.LuftHans.com/ http://www.PhxLinux.org/
# "I never let schooling get in the way of my education." -- Mark Twain
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
(text/plain)