Hi, i just noted that there is a new openssh package (openssh-3.4p1-78.i386.rpm) flagged as "security fix". The description is: "Description: Fix for a malfunction in sshd with relation to sshd configuration option "PermitRootLogin forced-commands-only". This update also contains security fixes from a former update" So i guess youre only affected if you set PermitRootLogin to forced-commands-only in your sshd.conf I guess im on the sure side when all my server have PermitRootLogin set to no. I quickly checked the openssh.org site, announce and dev lists, but didnt find any relevant details (didnt see any in Bugtraq and Vulndev also if i remember correctly, but i only did a quick check). Are there any detailed informations about this issue? Or ist it SuSE specific (and if it is, im interested why :P ) Thanks, Tom