Fixing OpenSSH: Information-leak vulnerability (CVE-2016-0777)

OpenSSH: Client Information leak from use of roaming connection feature (CVE-2016-0777)

An information leak flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to leak portions of memory (possibly including private SSH keys) of a successfully authenticated OpenSSH client.

How to fix the isssue

Upgrade the openssh packages to the latest version. You can find the details below:

For Debian:-

_You can check this link for more details:- _

**For Ubuntu:- **

You can check this link for more details:-

__For Manual fixes or _Mitigation:- _

On Linux

[color-box color="green”]

<code>echo 'UseRoaming no' | sudo tee -a /etc/ssh/ssh_config
</code>

[/color-box]

On Mac OSX

_** **_[color-box color="green”]

echo "UseRoaming no" >> ~/.ssh/config

[/color-box]