git: b0025f9b7ff0 - main - openssh: update default version addendum in man pages
Ronald Klop
ronald-lists at klop.ws
Sun Sep 5 16:26:07 UTC 2021
On 9/4/21 5:34 PM, Ed Maste wrote:
> The branch main has been updated by emaste:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=b0025f9b7ff04ed623e9e5d8f9eaf172d5ff23f0
>
> commit b0025f9b7ff04ed623e9e5d8f9eaf172d5ff23f0
> Author: Ed Maste <emaste at FreeBSD.org>
> AuthorDate: 2021-09-04 15:33:13 +0000
> Commit: Ed Maste <emaste at FreeBSD.org>
> CommitDate: 2021-09-04 15:33:13 +0000
>
> openssh: update default version addendum in man pages
>
> Fixes: 2f513db72b03 ("Upgrade to OpenSSH 7.9p1.")
> MFC after: 3 days
> Sponsored by: The FreeBSD Foundation
> ---
> crypto/openssh/ssh_config.5 | 2 +-
> crypto/openssh/sshd_config.5 | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5
> index 468b5025ae14..e8b52f309b50 100644
> --- a/crypto/openssh/ssh_config.5
> +++ b/crypto/openssh/ssh_config.5
> @@ -1658,7 +1658,7 @@ in
> Specifies a string to append to the regular version string to identify
> OS- or site-specific modifications.
> The default is
> -.Dq FreeBSD-20180909 .
> +.Dq FreeBSD-20200214 .
> The value
> .Cm none
> may be used to disable this.
> diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5
> index d28622d984a1..0ae5e665af3d 100644
> --- a/crypto/openssh/sshd_config.5
> +++ b/crypto/openssh/sshd_config.5
> @@ -1654,7 +1654,7 @@ The default is
> Optionally specifies additional text to append to the SSH protocol banner
> sent by the server upon connection.
> The default is
> -.Qq FreeBSD-20180909 .
> +.Qq FreeBSD-20200214 .
> The value
> .Cm none
> may be used to disable this.
> _______________________________________________
> dev-commits-src-all at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
> To unsubscribe, send any mail to "dev-commits-src-all-unsubscribe at freebsd.org"
>
Hi,
I'm wondering why the FreeBSD project adds this information to the banner by default. I learned that not exposing information about the running system is good security practice.
Any thoughts about this? What is the gain of this banner?
NB: I'm not in a position to really question this, just curious why it is the default.
Regards,
Ronald.
More information about the dev-commits-src-main
mailing list