If you're using OpenSSH 5.4 thru 7.1 (check "ssh -V"), you'll want to disable the "UseRoaming" feature (which was unused on SSH servers, but left around in SSH clients, and can be exploited): http://undeadly.org/cgi?action=article&sid=20160114142733 -- -bill! Sent from my computer