ssh_config: add "UseRoaming no"

https://twitter.com/msfriedl/status/687635945642967040
2024-11-22 03:09:22 +01:00 · 2016-01-14 16:44:27 +02:00 · 2016-01-14 16:44:27 +02:00 · 9d5db7ee3c
commit 9d5db7ee3c
parent e80dbd29fe
2 changed files with 12 additions and 0 deletions
--- a/.mikaela/ssh/config
+++ b/.mikaela/ssh/config
@ -39,6 +39,12 @@ Host *
    # manual).
    UpdateHostKeys yes

+    # Add undocumented "UseRoaming no" to ssh_config or use
+    # "-oUseRoaming=no" to prevent upcoming #openssh client bug
+    # CVE-2016-0777. More later.
+    # ~~ https://twitter.com/msfriedl/status/687635945642967040
+    UseRoaming no
+
    # Verify SSHFP records. In case DNSSEC is used this skips the
    # question on whether you trust the fingerprint or not.
    # All my hosts run DNSSEC validating Unbound on localhost and use it
--- a/etc/ssh/ssh_config
+++ b/etc/ssh/ssh_config
@ -40,6 +40,12 @@ Host *
    # manual)
    UpdateHostKeys yes

+    # Add undocumented "UseRoaming no" to ssh_config or use
+    # "-oUseRoaming=no" to prevent upcoming #openssh client bug
+    # CVE-2016-0777. More later.
+    # ~~ https://twitter.com/msfriedl/status/687635945642967040
+    UseRoaming no
+
    # Verify SSHFP records. In case DNSSEC is used this skips the
    # question on whether you trust the fingerprint or not.
    # All my hosts run DNSSEC validating Unbound on localhost and use it