|
|
|
|
|
|
by j15e
3815 days ago
|
|
|
Do not manually change your server configuration if security updates are already available for your platform. Ubuntu is already providing the patch. https://launchpad.net/ubuntu/+source/openssh/1:5.9p1-5ubuntu... *Edit : it does seems like a good idea to disable the feature on your local `ssh_config` in case you or a software you use connect to an unpatched evil server. |
|
|
The vulnerability is in the OpenSSH client, not the server. ssh_config is the client configuration. Unpatched servers are not relevant and putting this option in your server configuration (sshd_config) will simply make it not start, because the configuration is invalid.