Re: Re: [Bug 2971] New: Prevent OpenSSH from advertising its version number

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi,

On Wed, Feb 20, 2019 at 10:59:19AM +0000, Jochen Bern wrote:
> FWIW, and without dismissing the possibility of fingerprinting a server
> in other ways, the fact that clients that *can* pass authentication have
> a need to know the server's version number (and vice versa) does not
> necessarily imply that that information needs to be passed in the
> *public* part of the protocol ...

You missed the parts about "working around implementation kinks that
the clients can know by looking at the version string".

Like, "if we send <this> key exchange now, the connection will be lost".

gert

-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             gert@xxxxxxxxxxxxxx

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux