Using openssh 3.1p1 on Solaris with tcp wrappers 7.6
Darren Moffat
Darren.Moffat at Sun.COM
Thu May 2 06:21:37 EST 2002
I suspect you answers are in reference to version 1 of the protocol,
since v2 has solutions for both of the things you raise.
>There is no official mechanism for sending SSH banners that I am
>aware of.
draft-ietf-secsh-userauth-15.txt Section 2.5
>I once did a little hack in the SSH client to allow for additional
>text, newline terminated, that is sent prior to the SSH server
>version string. The banner would of course break generic clients.
draft-ietf-secsh-transport-14.txt Section 3.2
The server MAY send other lines of data before sending the version
string. Each line SHOULD be terminated by a carriage return and
newline. Such lines MUST NOT begin with "SSH-", and SHOULD be
encoded in ISO-10646 UTF-8 [RFC2279] (language is not specified).
Clients MUST be able to process such lines; they MAY be silently
ignored, or MAY be displayed to the client user; if they are
displayed, control character filtering discussed in [SSH-ARCH] SHOULD
be used. The primary use of this feature is to allow TCP-wrappers to
display an error message before disconnecting.
--
Darren J Moffat
More information about the openssh-unix-dev
mailing list