Hackers claiming to have found a critical flaw in a widely used open-source remote login software, OpenSSH, are likely bluffing, according to a developer affiliated with the project.