Site Navigation

Date:      Wed, 13 Jan 2010 16:29:53 +0300
From:      Denis Barov <dindin@yandex-team.ru>
To:        jhell <jhell@DataIX.net>
Cc:        dwcjr@inethouston.net, dindin@dindin.ru, FreeBSD Ports <FreeBSD-Ports@FreeBSD.org>
Subject:   Re: patch for security/openssh-portable
Message-ID:  <20100113132953.GH12583@sepulca.yandex.ru>
In-Reply-To: <alpine.BSF.2.00.1001130806170.55823@pragry.qngnvk.ybpny>
References:  <alpine.BSF.2.00.1001130806170.55823@pragry.qngnvk.ybpny>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

Probably you want VersionAddendum option in sshd_config?

Wed, Jan 13, 2010 at 08:14 -0500 jhell:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> 
> Request.
> 
> Attached is a patch against security/openssh-portable Makefile to remove 
> FreeBSD version and openssl version from its version reply string.
> 
> This changes it from its default reply to: SSH-2.0-OpenSSH_5.2p1
> 
> I would rather leave a prober guessing rather than giving the information 
> he needs to analyze a large number of hosts quickly.
> 
> - -- 
> 
>   Wed Jan 13 08:06:17 2010
> 
>   jhell
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.14 (FreeBSD)
> 
> iQEcBAEBAgAGBQJLTceJAAoJEJBXh4mJ2FR+nrMH/jzYBXWyUXueQFrGYJnovskV
> uSDme/bxd+iwVlsAyGPNK8Ub8oQC9725ohh0a8N6rcotENODPJyXRh0c9Gz5Kr3D
> 81opHf+qE6Z0Awhb3FcNYf/jCve4TOj5MZpzdy1peZ6pwJXA8BM7YbrP1+OFlQRN
> yu3HuNg/LQyx0Rk0kVzVISLInpdmndC/OBtCjLwBuGb0Np/WYshuNOr739jOodcL
> Odqa94apkhZpm8yI5+P6tQdf/RMOpn/PgB0MidLt3hH2Ayxpm903Wrs9p4d6xzc8
> i2tZR8crdHCwjO5TRHITWmc273XZychU24P8HIC06GP56pG8jClFR1XSqBCpZMY=
> =fKHX
> -----END PGP SIGNATURE-----

> --- Makefile.orig	2009-12-30 15:14:04.646162156 -0500
> +++ Makefile	2009-12-30 15:15:36.939692199 -0500
> @@ -229,11 +229,9 @@
>  		-e 's|%%RC_SCRIPT_NAME%%|${RC_SCRIPT_NAME}|' ${WRKSRC}/sshd.8
>  	@${REINPLACE_CMD} -E -e 's|SSH_VERSION|TMP_SSH_VERSION|' \
>  		-e 's|.*SSH_RELEASE.*||' ${WRKSRC}/version.h
> -	@${ECHO_CMD} '#define FREEBSD_PORT_VERSION	" FreeBSD-${PKGNAME}"' >> \
> +	@${ECHO_CMD} '#define SSH_VERSION	TMP_SSH_VERSION SSH_PORTABLE' >> \
>  		${WRKSRC}/version.h
> -	@${ECHO_CMD} '#define SSH_VERSION	TMP_SSH_VERSION SSH_PORTABLE FREEBSD_PORT_VERSION' >> \
> -		${WRKSRC}/version.h
> -	@${ECHO_CMD} '#define SSH_RELEASE	TMP_SSH_VERSION SSH_PORTABLE FREEBSD_PORT_VERSION' >> \
> +	@${ECHO_CMD} '#define SSH_RELEASE	TMP_SSH_VERSION SSH_PORTABLE' >> \
>  		${WRKSRC}/version.h
>  .if defined(WITH_HPN)
>  	@${REINPLACE_CMD} -e 's|TMP_SSH_VERSION SSH_PORTABLE|TMP_SSH_VERSION SSH_PORTABLE SSH_HPN|' \


-- 
Cheers
Denis Barov

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100113132953.GH12583>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact