git: b0025f9b7ff0 - main - openssh: update default version addendum in man pages

Ronald Klop ronald-lists at klop.ws
Sun Sep 5 16:26:07 UTC 2021 

On 9/4/21 5:34 PM, Ed Maste wrote:
> The branch main has been updated by emaste:
> 
> URL: https://cgit.FreeBSD.org/src/commit/?id=b0025f9b7ff04ed623e9e5d8f9eaf172d5ff23f0
> 
> commit b0025f9b7ff04ed623e9e5d8f9eaf172d5ff23f0
> Author:     Ed Maste <emaste at FreeBSD.org>
> AuthorDate: 2021-09-04 15:33:13 +0000
> Commit:     Ed Maste <emaste at FreeBSD.org>
> CommitDate: 2021-09-04 15:33:13 +0000
> 
>      openssh: update default version addendum in man pages
>      
>      Fixes:          2f513db72b03 ("Upgrade to OpenSSH 7.9p1.")
>      MFC after:      3 days
>      Sponsored by:   The FreeBSD Foundation
> ---
>   crypto/openssh/ssh_config.5  | 2 +-
>   crypto/openssh/sshd_config.5 | 2 +-
>   2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5
> index 468b5025ae14..e8b52f309b50 100644
> --- a/crypto/openssh/ssh_config.5
> +++ b/crypto/openssh/ssh_config.5
> @@ -1658,7 +1658,7 @@ in
>   Specifies a string to append to the regular version string to identify
>   OS- or site-specific modifications.
>   The default is
> -.Dq FreeBSD-20180909 .
> +.Dq FreeBSD-20200214 .
>   The value
>   .Cm none
>   may be used to disable this.
> diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5
> index d28622d984a1..0ae5e665af3d 100644
> --- a/crypto/openssh/sshd_config.5
> +++ b/crypto/openssh/sshd_config.5
> @@ -1654,7 +1654,7 @@ The default is
>   Optionally specifies additional text to append to the SSH protocol banner
>   sent by the server upon connection.
>   The default is
> -.Qq FreeBSD-20180909 .
> +.Qq FreeBSD-20200214 .
>   The value
>   .Cm none
>   may be used to disable this.
> _______________________________________________
> dev-commits-src-all at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
> To unsubscribe, send any mail to "dev-commits-src-all-unsubscribe at freebsd.org"
> 


Hi,

I'm wondering why the FreeBSD project adds this information to the banner by default. I learned that not exposing information about the running system is good security practice.
Any thoughts about this? What is the gain of this banner?

NB: I'm not in a position to really question this, just curious why it is the default.

Regards,
Ronald.

More information about the dev-commits-src-main mailing list