Turning off sshd version display when someone telnets to port.
Chuck Swiger
cswiger at mac.com
Sat Jun 19 09:23:18 PDT 2004
Emperor of Florida wrote:
[ ...concealing the purpose of a port... ]
> Currently when you telnet to it you will see:
> Escape character is '^]'.
> SSH-1.99-OpenSSH_3.6.1p1 YbrickRd
As Jeremy said, SSH depends on exchanging the version of the procotols it is
using in order for both sides to figure out what types of cryptography they
can use.
You have already improved the security of your installation significantly, and
to the point where any gains beyond this are going to require heroic measures.
You might consider setting up IPsec, or blocking inbound SSH connections
from all but a few IP addresses, or changing SSH to use OPIE rather than
reusable passwords.
--
-Chuck
More information about the freebsd-questions
mailing list