Contributed by tj on 2016-01-14 from the i-have-a-fviend-in-Vome dept. This is the most serious bug you'll hear about this week: the issues identified and fixed in OpenSSH are dubbed CVE-2016-0777 and CVE-2016-0778. An early heads up came from Theo de Raadt in this mailing list posting. Until you are able to patch affected systems, the recommended workaround is to use # echo -e 'Host *\nUseRoaming