Revision History

14 January 2016

v1.0 - Added to Wiki and edited for TLDP

Jason Evans

List of Authors:

On 14 January 2016, the OpenSSH project reported a client side issue affecting OpenSSH versions 5.4 - 7.1. This issue could allow an SSH client to leak key information, potentially exposing users to man-in-the-middle attacks.

What does this mean?

A key exchange is initiated when an SSH client connects to a server. A new "roaming" feature included in the OpenSSH client can be exploited and a malicious server could use this issue to leak client memory to the server, including private client user keys.

Who is affected?

This issue affects the OpenSSH client (not server) on most modern operating systems including Linux, FreeBSD and Mac OSX. This issue may also affect users running OpenSSH for Windows but does not affect users using PuTTY on Windows.

How to fix the issue

While patches and updates are being rolled out for affected distributions, the feature causing this security issue can be disabled manually in order to resolve the issue. On OS X, Linux and BSD variants this can be done by adding a line to your SSH configuration.

On Linux and FreeBSD

Run the following command to add the new line to your configuration:

 echo 'UseRoaming no' | sudo tee -a /etc/ssh/ssh_config

On Mac OSX

Run the following command to add the new line to your configuration:

 echo "UseRoaming no" >> ~/.ssh/config

Close and Reopen Sessions

Once you have done this you should close any open SSH sessions in order for the change to be effective.

Learn More

OpenSSH: client bug CVE-0216-0778 Ubuntu - USN-2869-1: OpenSSH vulnerabilities

License: Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Fix CVE-0216-0778 HOWTO (last edited 2016-01-14 17:23:57 by Jason Evans)