[ubuntu-hardened] hiding ssh version

Paul Sladen ubuntu at paul.sladen.org
Sat Mar 28 12:19:03 GMT 2009


On Sat, 28 Mar 2009, Dan Howerton wrote:
> SSH-2.0-OpenSSH_5.1p1 Debian-3ubuntu1
> http://www.kramse.dk/projects/unix/opensshhideversion_en.html

This patch is attempting to introduce security through obscurity:

  http://en.wikipedia.org/wiki/Security_through_obscurity

A patch like is probably best taken upstream (to OpenSSH themselves) before
consideration.  It appears that somebody may have already done that:

  http://kerneltrap.org/mailarchive/openbsd-misc/2008/4/24/1578594

(Warning, contains mild obscenities).

	-Paul
-- 
Why do one side of a triangle when you can do all three.  Somewhere, GB.




More information about the ubuntu-hardened mailing list