Using openssh 3.1p1 on Solaris with tcp wrappers 7.6
Ben Lindstrom
mouring at etoh.eviladmin.org
Thu May 2 06:14:47 EST 2002
SSH Protocol 2 added the ability to send a banner.
- Ben
On Wed, 1 May 2002, Wietse Venema wrote:
> There is no official mechanism for sending SSH banners that I am
> aware of.
>
> I once did a little hack in the SSH client to allow for additional
> text, newline terminated, that is sent prior to the SSH server
> version string. The banner would of course break generic clients.
>
> Wietse
>
> R. P. Channing Rodgers, M.D.:
> >
> > Dear Open SSH and TCP Wrappers Colleagues,
> >
> > We are trying to use open ssh 3.1p1 on SPARC platforms
> > under Solaris 2.8 using gcc 2.95.2, in conjunction with
> > tcp wrappers 7.6 (IPv6 version). The wrapping of open ssh
> > is not too well documented but I think we have figured
> > most of this out (hearty thanks to Wietse Venema, Jim
> > Mintha & Niels Provos for their helpful email exchanges) --
> > but have one final question. Tcp wrappers can send out
> > banner messages in response to various network service
> > requests. The Banners.makefile that is used to create
> > the various banner files from a prototype (inserting any
> > special content that a particular service protocol such
> > as ftp might require) does contain this comment:
> >
> > # Other services: banners may interfere with normal operation
> > # so they should probably be used only when refusing service.
> > # In particular, banners don't work with standard rsh daemons.
> > # You would have to use an rshd that has built-in tcp wrapper
> > # support, for example the rshd that is part of the logdaemon
> > # utilities.
> >
> > And there is no target to create a sshd banner. Is there
> > a mechanism in open ssh, when using tcp wrappers, to
> > support a banner? Thanks in advance for any helpful
> > insights.
> >
> > We would be happy to share our installation instructions
> > for both systems and welcome comments about the most
> > efficient way in which we might do so.
> >
> > Cheerio, Rick Rodgers
> >
>
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
More information about the openssh-unix-dev
mailing list