thx. yes. info is still fresh but already helping clients (and myself) to mitigate against it. there's good info here on this mitm attck that you can use to protect yourself until we get an update/rewrite of open ssh.

https://forum.netgate.com/topic/184941/terrapin-ssh-attack