Using openssh 3.1p1 on Solaris with tcp wrappers 7.6
Wietse Venema
wietse at porcupine.org
Thu May 2 06:24:55 EST 2002
Cool.
Wietse
Darren Moffat:
> I suspect you answers are in reference to version 1 of the protocol,
> since v2 has solutions for both of the things you raise.
>
> >There is no official mechanism for sending SSH banners that I am
> >aware of.
>
> draft-ietf-secsh-userauth-15.txt Section 2.5
>
> >I once did a little hack in the SSH client to allow for additional
> >text, newline terminated, that is sent prior to the SSH server
> >version string. The banner would of course break generic clients.
>
> draft-ietf-secsh-transport-14.txt Section 3.2
>
> The server MAY send other lines of data before sending the version
> string. Each line SHOULD be terminated by a carriage return and
> newline. Such lines MUST NOT begin with "SSH-", and SHOULD be
> encoded in ISO-10646 UTF-8 [RFC2279] (language is not specified).
> Clients MUST be able to process such lines; they MAY be silently
> ignored, or MAY be displayed to the client user; if they are
> displayed, control character filtering discussed in [SSH-ARCH] SHOULD
> be used. The primary use of this feature is to allow TCP-wrappers to
> display an error message before disconnecting.
>
>
>
> --
> Darren J Moffat
>
>
More information about the openssh-unix-dev
mailing list