Hi,
On Wed, Feb 20, 2019 at 10:59:19AM +0000, Jochen Bern wrote:
> FWIW, and without dismissing the possibility of fingerprinting a server
> in other ways, the fact that clients that *can* pass authentication have
> a need to know the server's version number (and vice versa) does not
> necessarily imply that that information needs to be passed in the
> *public* part of the protocol ...
You missed the parts about "working around implementation kinks that
the clients can know by looking at the version string".
Like, "if we send <this> key exchange now, the connection will be lost".
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany gert@xxxxxxxxxxxxxx
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
