misc/163843: Modified VersionAddendum field in sshd_config missing
from SSH protocol string
S. Chen
sp1024 at gmail.com
Thu Jan 5 23:00:30 UTC 2012
>Number: 163843
>Category: misc
>Synopsis: Modified VersionAddendum field in sshd_config missing from SSH protocol string
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Jan 05 23:00:29 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: S. Chen
>Release: 9.0-RC3
>Organization:
>Environment:
FreeBSD host.domain.local 9.0-RC3 FreeBSD 9.0-RC3 #0: Sun Dec 4 08:56:36 UTC 2011 root at farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
In the SSH daemon's configuration file, sshd_config, a variable named "VersionAddendum" can be used to modify the additional version information appended to a typical SSH protocol version string. However, when the variable is set, the value does not appear and yields a slightly malformed SSH protocol version string.
The full, default version string looks like the following. Stock config used.
> echo | nc 127.0.0.1 22
SSH-2.0-OpenSSH_5.8p2_hpn13v11 FreeBSD-20110503
The version string when config is set to "VersionAddendum abc", follows. Note the space between the SSH version and "_hpn13v11", and it's missing "abc".
> diff -u sshd_config.old sshd_config
-#VersionAddendum FreeBSD-20110503
+VersionAddendum abc
> echo | nc 127.0.0.1 22
SSH-2.0-OpenSSH_5.8p2 _hpn13v11
>How-To-Repeat:
1) Modify /etc/ssh/sshd_config, and change the "VersionAddendum" variable to something else (e.g. "abc").
2) Restart sshd (e.g. /etc/rc.d/sshd restart).
3) Retrieve the SSH version string from port 22 (e.g. "echo | nc 127.0.0.1 22). Check for missing variable set in step 1.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list