current-users: Re: HEADS UP: ssh configuration files renamed

Subject: Re: HEADS UP: ssh configuration files renamed
To: Luke Mewburn <lukem@netbsd.org>
From: Bruno Saverio Delbono <bruno@lucifer.at>
List: current-users
Date: 04/30/2002 02:03:58

--lEGEL1/lMxI0MVQ2
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Making, drinking tea and reading an opus magnum from Luke Mewburn:
> On Mon, Apr 29, 2002 at 01:06:17PM -0400, gabriel rosenkoetter
> wrote:
>   > On Mon, Apr 29, 2002 at 06:28:27PM +1000, Luke Mewburn wrote:
>   > > HEADS UP!
>   > >=20
>   > > The ssh(1) and sshd(8) configuration files have been renamed
>   > > to be consistent with the OpenSSH defaults:
>   >=20
>   > Why? Did you discuss this change anywhere public?

> The decision to move to have consistent configuration filenames with
> what the third party vendor (OpenSSH) ships with was made a couple
> of weeks ago by at least two members of NetBSD core, after long
> discussion on various NetBSD forums.

[...]

While we are on the topic of ssh, why do we print out the version
string of the OS as banner when we connect? i.e.

On NetBSD -current:

[bruno@leviathan.lucifer.at]$telnet xxx.xxx.xxx.xxx 22
Trying 208.xxx.xxx.xxx...
Connected to xxx.xxx.xxx.xxx
Escape character is '^]'.
SSH-1.99-OpenSSH_3.2 NetBSD_Secure_Shell-20020422

I don't want people to know the OS/version only from the sshd banner?
Why you may ask...well recently there have been a string of exploits
(crc32 bug) which has been exploited with x2. Each day, I get around
50+ - 100+ probes for the sshd banner.=20

However on OpenBSD:

[bruno@leviathan.lucifer.at]$telnet mail.open-systems.org 22
Trying 24.84.17.242...
Connected to mail.open-systems.org.
Escape character is '^]'.
SSH-1.99-OpenSSH_3.0.2

Is there a reason on why this should not be similar to OpenSSH -core?

Kind regards,

    -Bruno

--=20
Excellent time to become a missing person.

--lEGEL1/lMxI0MVQ2
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (OpenBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE8zl3+ercGlynG6Y0RAkfeAJ99360ZFZa2oBkb0n1qO9Bb8HRQmACfTe1P
UwxGjgaaZWd0xad5EasHp48=
=82rF
-----END PGP SIGNATURE-----

--lEGEL1/lMxI0MVQ2--