Updated openssh packages are now available for Red Hat Linux 7. These packages reduce the amount of information a passive attacker can deduce from observing an encrypted session.
Weaknesses in the SSH protocols can be used by a passive attacker to deduce information about passwords entered over an encrypted connection. This information can be used to reduce the number of possible solutions that must be tested in a brute-force attack, which in turn reduces the time and resources required to mount such an attack successfully. OpenSSH 2.5.1 and 2.5.2 include modifications which, while not completely resolving this problem, reduce the risks by changing certain server behaviors to make passive analysis more difficult.