Security OpenSSH Security Bug CVE-2016-0777 & CVE-2016-0778

For non-CentOS 7 folks, i.e. on CentOS 6, you will want to remove the line added in /etc/ssh/ssh_config for the entry UseRoaming no some folks have reported ssh has issues with it on CentOS 6.

---

grep check for UseRoaming in /etc/ssh/ssh_config should return the line if exists or empty if doesn't exist, backup file, the sed delete the entry and then check again, should remove empty if removed

Code:

grep UseRoaming /etc/ssh/ssh_config
cp -a /etc/ssh/ssh_config /etc/ssh/ssh_config.backup
sed -i '/UseRoaming no/d' /etc/ssh/ssh_config
grep UseRoaming /etc/ssh/ssh_config

can also do a side by side diff compare to make sure

Code:

sdiff -s /etc/ssh/ssh_config /etc/ssh/ssh_config.backup

would return only content on right column

Code:

sdiff -s /etc/ssh/ssh_config /etc/ssh/ssh_config.backup
                                                              > UseRoaming no

or diff compare

Code:

diff -u /etc/ssh/ssh_config /etc/ssh/ssh_config.backup 

Code:

diff -u /etc/ssh/ssh_config /etc/ssh/ssh_config.backup 
--- /etc/ssh/ssh_config 2016-01-16 06:52:45.533997381 +0000
+++ /etc/ssh/ssh_config.backup  2016-01-16 06:52:13.600270648 +0000
@@ -64,3 +64,4 @@
        SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
        SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
        SendEnv XMODIFIERS
+UseRoaming no