From owner-freebsd-questions@FreeBSD.ORG  Sat Jul 24 01:10:36 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C3C2816A4CE
	for <freebsd-questions@freebsd.org>;
	Sat, 24 Jul 2004 01:10:36 +0000 (GMT)
Received: from rwcrmhc13.comcast.net (rwcrmhc13.comcast.net [204.127.198.39])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9ADAB43D2F
	for <freebsd-questions@freebsd.org>;
	Sat, 24 Jul 2004 01:10:36 +0000 (GMT)
	(envelope-from freebsd-questions-local@be-well.ilk.org)
Received: from be-well.no-ip.com ([66.30.196.44])
          by comcast.net (rwcrmhc13) with ESMTP
          id <2004072401103501500inefqe>; Sat, 24 Jul 2004 01:10:36 +0000
Received: by be-well.no-ip.com (Postfix, from userid 1147)
	id 6B4C712; Fri, 23 Jul 2004 21:10:35 -0400 (EDT)
Sender: lowell@be-well.ilk.org
To: Aaron Dalton <aaron@daltons.ca>
References: <20040723120101.C832C16A4D9@hub.freebsd.org>
	<200407231036.54467.aaron@daltons.ca>
From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>
Date: 23 Jul 2004 21:10:35 -0400
In-Reply-To: <200407231036.54467.aaron@daltons.ca>
Message-ID: <441xj2gqgk.fsf@be-well.ilk.org>
Lines: 20
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: freebsd-questions@freebsd.org
Subject: Re: Hiding SSH version string
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Jul 2004 01:10:36 -0000

Aaron Dalton <aaron@daltons.ca> writes:

> I've read a number of times that people hide their ssh version string so that 
> attackers don't know what version you are running.  I've read the 
> documentation and can't seem to figure out how to do this.  Can somebody 
> explain to me how this is done?  Thank you so much!

I don't recommend anyone actually do this, because 
 
 a) it serves no purpose (it certainly doesn't make you any more
    secure, or even discourage any attackers)

 b) The version string is a part of the protocol itself, required by
    the protocol specification

 c) you will be making life harder for auditors, system
    administrators, and so 

If you're really determined, though, the strings are defined in
/usr/src/crypto/openssh/version.h