Notice that it says the vulnerablity is for a feature that is not enabled by default.
I'm not worried about that at all. There very well could be other exploits of SSH,
but I'm still sticking with it. I'll risk a few exploits over the alternative of
sending my passwords clear text. To each his/her own.
Steven Werby {steven-lists@xxxxxxxxxxxx}