Date: 23 Jul 2004 21:10:35 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: Aaron Dalton <aaron@daltons.ca> Cc: freebsd-questions@freebsd.org Subject: Re: Hiding SSH version string Message-ID: <441xj2gqgk.fsf@be-well.ilk.org> In-Reply-To: <200407231036.54467.aaron@daltons.ca> References: <20040723120101.C832C16A4D9@hub.freebsd.org> <200407231036.54467.aaron@daltons.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Aaron Dalton <aaron@daltons.ca> writes:
> I've read a number of times that people hide their ssh version string so that
> attackers don't know what version you are running. I've read the
> documentation and can't seem to figure out how to do this. Can somebody
> explain to me how this is done? Thank you so much!
I don't recommend anyone actually do this, because
a) it serves no purpose (it certainly doesn't make you any more
secure, or even discourage any attackers)
b) The version string is a part of the protocol itself, required by
the protocol specification
c) you will be making life harder for auditors, system
administrators, and so
If you're really determined, though, the strings are defined in
/usr/src/crypto/openssh/version.h
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?441xj2gqgk.fsf>