SSH gets protection against side channel attacks

Damien Miller (djm@) has just committed a new feature for SSH that should help protect against all the various memory side channel attacks that have surfaced recently.

Add protection for private keys at rest in RAM against speculationand memory sidechannel attacks like Spectre, Meltdown, Rowhammer andRambleed. This change encrypts private keys when they are not in usewith a symmetic key that is derived from a relatively large "prekey"consisting of random data (currently 16KB).

Read more"