On Wed, 22 Jul 2015, Malcolm wrote: > Keep in mind this is something that in some system configurations can gently > assist a remote password cracker, and isn't an "exploit". Yeah, it just reduces the number of connections an attacker has to make to attempt password guessing. It doesn't speed up the guesses themselves or evade failure delays for wrong guesses. The patch is already committed as https://anongit.mindrot.org/openssh.git/patch/?id=5b64f85bb811246c59ebab and the plan is to release it in OpenSSH 7.0, which is due in a few weeks. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
