OpenSSH Roaming not allowed by server bug (CVE-2016-0777)

Fig.02: OpenSSH Roaming not allowed by server bug (CVE-2016-0777)

Fig.02: OpenSSH Roaming not allowed by server bug (CVE-2016-0777)

If you see message such as “debug1: Roaming not allowed by server
“, your system is affected by CVE-2016-0777 of OpenSSH.

Fix # 1

Use ssh client as follows:
$ ssh -v -o UseRoaming=no user@host

Fix #2 Update openssh server and client

Use your package manager to apply updates. For example on CentOS/RHEL one could run:
# yum update

Examples and usage: How To Patch and Protect OpenSSH Client Vulnerability CVE-2016-0777 and CVE-2016-0778 [ 14/Jan/2016 ]