Yes, Arch Linux’s OpenSSH binary doesn’t even link to liblzma, which means your installation is not affected by this particular backdoor.

The authors of the `detect_sh` script didn’t have that scenario in mind, so the `ldd` invocation never finds a link and the script bails early without a message.

Thanks!

remove the -e option on the script and run it.

Anyway, arch is not affected because they don't modify openssh to link against any of this nonesense.