Date: Wed, 13 Jan 2010 08:40:49 -0500 From: jhell <jhell@DataIX.net> To: Denis Barov <dindin@yandex-team.ru> Cc: dwcjr@inethouston.net, dindin@dindin.ru, FreeBSD Ports <FreeBSD-Ports@freebsd.org> Subject: Re: patch for security/openssh-portable Message-ID: <alpine.BSF.2.00.1001130838240.68848@pragry.qngnvk.ybpny> In-Reply-To: <20100113132953.GH12583@sepulca.yandex.ru> References: <alpine.BSF.2.00.1001130806170.55823@pragry.qngnvk.ybpny> <20100113132953.GH12583@sepulca.yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 13 Jan 2010 08:29, dindin@ wrote:
> Probably you want VersionAddendum option in sshd_config?
>
No.
To my understanding and my last tests VersionAddendum and is only a
Addendum or did not work which spurred me to patch up the Makefile in the
first place.
Thanks for the thought though but I did not miss that option.
> Wed, Jan 13, 2010 at 08:14 -0500 jhell:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>>
>>
>> Request.
>>
>> Attached is a patch against security/openssh-portable Makefile to remove
>> FreeBSD version and openssl version from its version reply string.
>>
>> This changes it from its default reply to: SSH-2.0-OpenSSH_5.2p1
>>
>> I would rather leave a prober guessing rather than giving the information
>> he needs to analyze a large number of hosts quickly.
>>
>> - --
>>
>> Wed Jan 13 08:06:17 2010
>>
>> jhell
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v2.0.14 (FreeBSD)
>>
>> iQEcBAEBAgAGBQJLTceJAAoJEJBXh4mJ2FR+nrMH/jzYBXWyUXueQFrGYJnovskV
>> uSDme/bxd+iwVlsAyGPNK8Ub8oQC9725ohh0a8N6rcotENODPJyXRh0c9Gz5Kr3D
>> 81opHf+qE6Z0Awhb3FcNYf/jCve4TOj5MZpzdy1peZ6pwJXA8BM7YbrP1+OFlQRN
>> yu3HuNg/LQyx0Rk0kVzVISLInpdmndC/OBtCjLwBuGb0Np/WYshuNOr739jOodcL
>> Odqa94apkhZpm8yI5+P6tQdf/RMOpn/PgB0MidLt3hH2Ayxpm903Wrs9p4d6xzc8
>> i2tZR8crdHCwjO5TRHITWmc273XZychU24P8HIC06GP56pG8jClFR1XSqBCpZMY=
>> =fKHX
>> -----END PGP SIGNATURE-----
>
>> --- Makefile.orig 2009-12-30 15:14:04.646162156 -0500
>> +++ Makefile 2009-12-30 15:15:36.939692199 -0500
>> @@ -229,11 +229,9 @@
>> -e 's|%%RC_SCRIPT_NAME%%|${RC_SCRIPT_NAME}|' ${WRKSRC}/sshd.8
>> @${REINPLACE_CMD} -E -e 's|SSH_VERSION|TMP_SSH_VERSION|' \
>> -e 's|.*SSH_RELEASE.*||' ${WRKSRC}/version.h
>> - @${ECHO_CMD} '#define FREEBSD_PORT_VERSION " FreeBSD-${PKGNAME}"' >> \
>> + @${ECHO_CMD} '#define SSH_VERSION TMP_SSH_VERSION SSH_PORTABLE' >> \
>> ${WRKSRC}/version.h
>> - @${ECHO_CMD} '#define SSH_VERSION TMP_SSH_VERSION SSH_PORTABLE FREEBSD_PORT_VERSION' >> \
>> - ${WRKSRC}/version.h
>> - @${ECHO_CMD} '#define SSH_RELEASE TMP_SSH_VERSION SSH_PORTABLE FREEBSD_PORT_VERSION' >> \
>> + @${ECHO_CMD} '#define SSH_RELEASE TMP_SSH_VERSION SSH_PORTABLE' >> \
>> ${WRKSRC}/version.h
>> .if defined(WITH_HPN)
>> @${REINPLACE_CMD} -e 's|TMP_SSH_VERSION SSH_PORTABLE|TMP_SSH_VERSION SSH_PORTABLE SSH_HPN|' \
>
>
>
--
Wed Jan 13 08:38:24 2010
It may not be able to take your machine down, but it can fill up your
Internet Pipe.
jhell
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1001130838240.68848>