Hello everyone,I seem to remember that, quite some while back, there were provisions in OpenSSH to look at the version string in the peer's hello and activate compatibility options for peer software that needed them.
Now, with CVE-2024-31497, I would like to have a look at the version strings of clients and servers other organizations use to exchange data with us; I remember occasionally seeing references in their hellos that their dedicated file transfer software was supposedly based on a PuTTY *library*.
Apart from using tcpdump or cranking the log level *way* up, would it be possible to configure OpenSSH to extract *that* information specifically, a la
Match PeerVersion "*putty*" Log "PuTTY-using peer found!" Banner /etc/ssh/you_want_to_have_a_look_at_this_cve.txt ? Kind regards and thanks in advance, -- Jochen Bern Systemingenieur Binect GmbH
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev