OpenSSH: Client Information leak from use of roaming connection feature (CVE-2016-0777)
Since version 5.4, the OpenSSH client supports an undocumented feature called roaming. If a connection to an SSH server breaks unexpectedly, and if the SSH server supports roaming as well, the client is able to reconnect to the server and resume the interrupted SSH session. The roaming feature is enabled by default in OpenSSH clients, even though no OpenSSH server version implements the roaming feature.
An information leak flaw was found in the way OpenSSH client roaming feature was implemented. The information leak is exploitable in the default configuration of certain versions of the OpenSSH client and could (depending on the client's version, compiler, and operating system) allow a malicious SSH server to steal the client's private keys.
Note that this flaw can only be triggered after successful authentication and therefore can only be exploited by a malicious or compromised SSH server. Man-in-the-middle (MITM) attackers can not exploit this issue.
- Red Hat Enterprise Linux 4, 5, and 6 are not affected by this flaw because they include OpenSSH versions older than 5.4, and hence do not implement the roaming feature.
- Red Hat Enterprise Linux 7 since version 7.1 has provided OpenSSH 6.6 for which the default configuration is not affected by this flaw. OpenSSH 6.6 is only vulnerable to this issue when used with certain non-default
ProxyCommandsettings. Security update RHSA-2016-0043 corrects this issue.
- Red Hat Enterprise Linux 7 prior to version 7.1 (released in March 2015) provides OpenSSH 6.4 and is impacted regardless of the use of the
ProxyCommandsettings. The OpenSSH packages were updated from version 6.4 to version 6.6 in Red Hat Enterprise Linux 7.1 via RHSA-2015:0425.
In Red Hat Enterprise Linux 7 you can mitigate this issue by setting the following option in the OpenSSH client's configuration file, either global (
/etc/ssh/ssh_config) or user specific (
The above directive should be placed in the
Host * section of the configuration file to use this setting for all SSH servers the client connects to.
You can also set the option via a command line argument when connecting to an SSH server:
-o 'UseRoaming no'
Security update RHSA-2016-0043 has been released to correct this issue.
Red Hat would like to thank Qualys for reporting this issue.