Bug#673633: openssh-server: Don't expose the OpenSSH version and the fact I'm using Debian
Package: openssh-server
Version: 1:5.9p1-5
Severity: minor
Dear Maintainer,
When using `ssh -v' when connecting to my Debian box, I can see my
SSH and Debian version, without even having a valid login in the
machine. This shouldn't happen.
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-4-pve (SMP w/2 CPU cores)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-server depends on:
ii adduser 3.113+nmu1
ii debconf [debconf-2.0] 1.5.43
ii dpkg 1.16.3
ii libc6 2.13-32
ii libcomerr2 1.42.2-2
ii libgssapi-krb5-2 1.10+dfsg~beta1-2
ii libkrb5-3 1.10+dfsg~beta1-2
ii libpam-modules 1.1.3-7.1
ii libpam-runtime 1.1.3-7.1
ii libpam0g 1.1.3-7.1
ii libselinux1 2.1.9-2
ii libssl1.0.0 1.0.1c-1
ii libwrap0 7.6.q-23
ii lsb-base 4.1+Debian3
ii openssh-client 1:5.9p1-5
ii procps 1:3.3.2-3
ii zlib1g 1:1.2.7.dfsg-1
Versions of packages openssh-server recommends:
ii openssh-blacklist 0.4.1
ii openssh-blacklist-extra <none>
ii xauth 1:1.0.7-1
Versions of packages openssh-server suggests:
pn molly-guard <none>
pn monkeysphere <none>
pn rssh <none>
pn ssh-askpass <none>
pn ufw <none>
-- debconf information excluded
Reply to: