From owner-freebsd-security Tue Mar 27 5:10:29 2001 Delivered-To: freebsd-security@freebsd.org Received: from updraft.jp.freebsd.org (updraft.jp.FreeBSD.ORG [210.157.158.42]) by hub.freebsd.org (Postfix) with ESMTP id EC8F937B718 for ; Tue, 27 Mar 2001 05:10:24 -0800 (PST) (envelope-from matusita@jp.FreeBSD.org) Received: from localhost (localhost [127.0.0.1]) by updraft.jp.freebsd.org (8.11.3+3.4W/8.11.3) with ESMTP/inet id f2RDAN850656 for ; Tue, 27 Mar 2001 22:10:23 +0900 (JST) (envelope-from matusita@jp.FreeBSD.org) In-Reply-To: <20010327005503.J5425@rfx-216-196-73-168.users.reflex> References: <20010327005503.J5425@rfx-216-196-73-168.users.reflex> X-Face: '*aj"d@ijeQ:/X}]oM5c5Uz{ZZZk90WPt>a^y4$cGQp8:!H\W=hSM;PuNiidkc]/%,;6VGu e+`&APmz|P;F~OL/QK%;P2vU>\j4X.8@i%j6[%DTs_3J,Fff0)*oHg$A.cDm&jc#pD24WK@{,"Ef!0 P\):.2}8jo-BiZ?X&t$V X-User-Agent: Mew/1.94.2 XEmacs/21.2 (Urania) X-FaceAnim: (-O_O-)(O_O- )(_O- )(O- )(- -)( -O)( -O_)( -O_O)(-O_O-) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Dispatcher: imput version 20000228(IM140) Lines: 25 From: Makoto MATSUSHITA To: freebsd-security@FreeBSD.ORG Subject: Re: SSHD revelaing too much information. Date: Tue, 27 Mar 2001 22:09:40 +0900 Message-Id: <20010327220940N.matusita@jp.FreeBSD.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Trim To: field... cjclark> The 'green@FreeBSD.org 20010321' is too much information. The cjclark> 'OpenSSH_2.3.0' part is required for the protocol. What do you think about NetBSD? Their ssh implementation, based on OpenSSH 2.5.2 but hacked by their own, uses OpenSSH_2.5.2 NetBSD_Secure_Shell-20010319 as a version string. Maybe it's also too much information, since NetBSD Secure Shell is (maybe) only available for NetBSD, and it uses timestamp (20010319). If you doubt, check: It is natual that the first word of version string is for and only for OpenSSH implementation and/or the ssh protocol itself (I dunno it's true or not), and rest of version strings are for identifying the OpenSSH variants (note that our ssh implementation is *not* just a security-fixed OpenSSH 2.3.0, but have features which does not exist in the original OpenSSH by OpenBSD). -- - Makoto `MAR' MATSUSHITA To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message