Reacting to / Logging the peer's Version String?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hello everyone,

I seem to remember that, quite some while back, there were provisions in OpenSSH to look at the version string in the peer's hello and activate compatibility options for peer software that needed them.

Now, with CVE-2024-31497, I would like to have a look at the version strings of clients and servers other organizations use to exchange data with us; I remember occasionally seeing references in their hellos that their dedicated file transfer software was supposedly based on a PuTTY *library*.

Apart from using tcpdump or cranking the log level *way* up, would it be possible to configure OpenSSH to extract *that* information specifically, a la

Match PeerVersion "*putty*"
	Log "PuTTY-using peer found!"
	Banner /etc/ssh/you_want_to_have_a_look_at_this_cve.txt

?

Kind regards and thanks in advance,
--
Jochen Bern
Systemingenieur

Binect GmbH

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux