OpenSSH patches information leak that could expose private SSH keys

If you’re connecting to servers over the secure shell (SSH) protocol using an OpenSSH client, you should update it immediately. The latest version patches a flaw that could allow rogue or compromised servers to read users’ private authentication keys.

The vulnerability stems from an experimental feature known as roaming that allows SSH connections to be resumed. This feature has been enabled by default in OpenSSH clients since version 5.4, released in March 2010, but is not present in the OpenSSH server implementation. As a result only clients are affected.

The vulnerability allows a server to read information from a connecting client’s memory, including its private keys. It has been fixed in OpenSSH 7.1p2, released Thursday.
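As an added example (not part of the original article or of OpenSSH itself), the shell function below classifies a client version banner against the range given above: roaming on by default since 5.4, fixed in 7.1p2. The function name `roaming_status`, the sample banners, and the treatment of a missing `pN` suffix as `p0` are assumptions made for illustration.

```shell
#!/bin/sh
# roaming_status "<banner>" prints: affected | not-affected | unknown
# Range taken from the article: 5.4 <= version < 7.1p2 is affected.
roaming_status() {
    rest=${1#*OpenSSH_}                  # drop everything through "OpenSSH_"
    [ "$rest" != "$1" ] || { echo unknown; return 0; }
    ver=${rest%%[!0-9.p]*}               # keep e.g. "6.6.1p1", drop the tail
    case $ver in
        *p*) plevel=${ver##*p}; base=${ver%%p*} ;;
        *)   plevel=0; base=$ver ;;      # assumption: no pN suffix counts as p0
    esac
    case $base in *.*) ;; *) echo unknown; return 0 ;; esac
    major=${base%%.*}
    minor=${base#*.}; minor=${minor%%.*}
    # Refuse to guess if any component is empty or non-numeric.
    for n in "$major" "$minor" "$plevel"; do
        case $n in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    done
    if [ "$major" -lt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -lt 4 ]; }; then
        echo not-affected                # older than 5.4
    elif [ "$major" -gt 7 ] || { [ "$major" -eq 7 ] && [ "$minor" -gt 1 ]; } ||
         { [ "$major" -eq 7 ] && [ "$minor" -eq 1 ] && [ "$plevel" -ge 2 ]; }; then
        echo not-affected                # 7.1p2 or later
    else
        echo affected
    fi
}

# Constructed sample banners in the format printed by "ssh -V".
for banner in \
    "OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013" \
    "OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014" \
    "OpenSSH_7.1p2, OpenSSL 1.0.2e 3 Dec 2015"
do
    printf '%-62s %s\n' "$banner" "$(roaming_status "$banner")"
done
```

To check the local client, pass it the banner with `roaming_status "$(ssh -V 2>&1)"`, since `ssh -V` writes to stderr. A distribution package that backported the fix will still report its original version string, so an `affected` result should be confirmed against the vendor's package changelog.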


Story added 15 January 2016.