Im trying to hide the ability to show my host details from OpenSSH on GNU/Linux Debian using this method: Add the following line to /etc/ssh/sshd_config DebianBanner no And restart your SSH daemon: /etc/init.d/ssh restart or service ssh restart This doent change anything. Another question why user cant hide SSH info as well? why it needs to be publicly visible? (I read that only recompiling would fix that but this is pain in the neck) ThX!
> > DebianBanner noI think DebianBanner is a debian-specific option so you'd have to take this request for help to them, but for what it's worth it works for me $ telnet localhost 22 Trying ::1... Connected to localhost. Escape character is '^]'. SSH-2.0-OpenSSH_8.3p1 Debian-1 and with DebianBanner no $ telnet localhost 22 Trying ::1... Connected to localhost. Escape character is '^]'. SSH-2.0-OpenSSH_8.3p1> And restart your SSH daemon: /etc/init.d/ssh restart or service ssh restart > > This doent change anything. > > Another question why user cant hide SSH info as well? why it needs to be > publicly visible? (I read that only recompiling would fix that but this > is pain in the neck) > > ThX! > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
On Mon, 15 Jun 2020, bo0od wrote:> Im trying to hide the ability to show my host details from OpenSSH on > GNU/Linux Debian using this method: > > Add the following line to /etc/ssh/sshd_config > > DebianBanner no > > And restart your SSH daemon: /etc/init.d/ssh restart or service ssh restart > > This doent change anything. > > Another question why user cant hide SSH info as well? why it needs to be > publicly visible? (I read that only recompiling would fix that but this is > pain in the neck)It's public because it's used to make compatibility decisions, see compat.c in the OpenSSH source distrubution. -d
maybe its useful but on the other hand its bad decision if user want to hide it in order to avoid bots attacks for vulnerable versions (for surely it should be left not updated for long time BUT still optional setting is preferable for the user to choose hide it or not) Default can be show version , but at least provide easy option to hide. Damien Miller:> On Mon, 15 Jun 2020, bo0od wrote: > >> Im trying to hide the ability to show my host details from OpenSSH on >> GNU/Linux Debian using this method: >> >> Add the following line to /etc/ssh/sshd_config >> >> DebianBanner no >> >> And restart your SSH daemon: /etc/init.d/ssh restart or service ssh restart >> >> This doent change anything. >> >> Another question why user cant hide SSH info as well? why it needs to be >> publicly visible? (I read that only recompiling would fix that but this is >> pain in the neck) > > It's public because it's used to make compatibility decisions, see compat.c > in the OpenSSH source distrubution. > > -d > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >