[ubuntu-hardened] hiding ssh version
Kees Cook
kees at ubuntu.com
Sun Apr 5 15:44:36 BST 2009
Hi Dan,
On Sat, Mar 28, 2009 at 03:09:36PM -0600, Dan Howerton wrote:
> Is it not possible to get a package in the repos that incorporates this
> patch and other hardening measures such as denyhosts? Possibly an
> ssh-hardened package? It doesn't have to be something that is pushed out
> with the distro by default but something that people can install if they
> choose to.
I don't think it makes sense to have a forked ssh package in the primary
archive. However, there's nothing to stop someone from building openssh
with the patch and hosting it in their PPA.
-Kees
--
Kees Cook
Ubuntu Security Team
More information about the ubuntu-hardened
mailing list