The CVE-2016-0777 and CVE-2016-0778 security vulnerabilities concern the OpenSSH client: (USN-2869-1: OpenSSH vulnerabilities)
It was discovered that the OpenSSH client experimental support for resuming connections contained multiple security issues. A malicious server could use this issue to leak client memory to the server, including private client user keys.
So now, besides updating, I have to regenerate my SSH keys and then update a bunch of machines...
http://undeadly.org/cgi?action=article&sid=20160114142733
"The authentication of the server host key prevents exploitation by a man-in-the-middle, so this information leak is restricted to connections to malicious or compromised servers."
May I ask why the SSH key needs to be updated? Is it out of concern that a machine you manage has already been swapped for a malicious sshd?