Hi, On Wed, Feb 20, 2019 at 10:59:19AM +0000, Jochen Bern wrote: > FWIW, and without dismissing the possibility of fingerprinting a server > in other ways, the fact that clients that *can* pass authentication have > a need to know the server's version number (and vice versa) does not > necessarily imply that that information needs to be passed in the > *public* part of the protocol ... You missed the parts about "working around implementation kinks that the clients can know by looking at the version string". Like, "if we send <this> key exchange now, the connection will be lost". gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany gert@xxxxxxxxxxxxxx
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev