Re: Bug#130876: ssh: -5 discloses too much infomation to an attacker, security
Previously Matthew Vernon wrote:
> retitle 130876 Sending server software version information should be optional
I'm not sure I agree with that: that easily leads to the configurable
version response option that was discussed on openssh-dev recently where
it was concluded that is not a good idea.
Wichert.
--
_________________________________________________________________
/wichert@wiggy.net This space intentionally left occupied \
| wichert@deephackmode.org http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Reply to: