Er, yeah, sorry, bad phrasing. If the client (from whom you're connecting, which has the secret key) is not vulnerable, and the server (to which you're connecting, and which has the public key) is vulnerable, you are safe: otherwise, you are not.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds