#OpenSSH: client allow a malicious #SSH server to steal the client’s private keys.

This is the most serious bug you’ll hear about this week: The issue dubbed CVE-2016-0777 has been identified and fixed in #OpenSSH. Affects all #OpenSSH 5.4 – 7.1: Apply the workaround and wait for an upcoming release. # echo ‘UseRoaming no’ >> /etc/ssh/ssh_config The information leak is exploitable in the default configuration of certain versions […]

Read more