Timing of banner

Ángel González keisial at gmail.com
Sat Jul 2 08:30:16 EST 2011


Bob Rasmussen wrote:
> Damien, thanks for the explanation.
>
> My user's point has a certain validity, I think: the user isn't seeing
> what they're logging into before giving a username. One might even
> consider it a security issue, identifying yourself before you know who
> you're talking to (although I realize the fingerprint verification
> mitigates this).
You should train your user to check whatever clues your client provides of
the target, such as "the window title displays: server5.example.org 
[Verified]"

You could also add your own "banner" to the client, by making it show 
something
like
Connecting to server5.example.org
The server is the same I met previously.

As you are the ones making the client software, the options are endless. 
You could
for instance allow showing aliases instead of full domain names.



More information about the openssh-unix-dev mailing list