The Daily Awesome Blog Thoughts, stories and ideas.

Serious Vulnerability in SSH Client

https://maclemon.at/blog/2016/01/14/fixing-openssh-cve-2016-0777/

You don’t need to read this all. Just follow these two steps.

home-brew.png

Homebrew

brew update
brew install homebrew/dupes/openssh

MacPorts

port selfupdate
port install openssh

After installation you must see openssh-7.1p2 where p2 means patch that fixes problem.

If you have problem with homebrew or MacPorts, please run this

echo -e 'Host *\nUseRoaming no' >> /etc/ssh_config

or add manually Roaming no line after very first Host * you can find at /etc/ssh_config on your Mac.

After update double check version of ssh

ssh -V

For those who still have older version than OpenSSH_7.1p2, OpenSSL 1.0.2e 3 Dec 2015 please apply this patch

sudo ls -l /usr/local/bin/ssh && sudo mv /usr/bin/ssh /usr/bin/ssh.bak && sudo ln -s /usr/local/bin/ssh /usr/bin/ssh