From the previous post about OpenSSH banner on Ubuntu, I just found the easy method to hide the distribution version in Ubuntu 10.04 by chance.
The Ubuntu 10.04 has the new option for sshd_config. That is "DebianBanner". You just have to add "DebianBanner no" line (without quotes) into sshd_config, then restart it. Your OpenSSH banner will change from "SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu3"
to
"SSH-2.0-OpenSSH_5.3p1"
Normally, Ubuntu ports code from Debian. So I checked the option in Debian as well. I found the option in Debian 6 as well.
PS: The option has been added since Ubuntu 10.04.
Showing posts with label SSH. Show all posts
Showing posts with label SSH. Show all posts
Thursday, August 12, 2010
Tuesday, July 13, 2010
Identified Ubuntu version from SSH banner
Many times seeing the SSH full banner, I have to googling it for the OS version. I decided I should collect them here.
Let me note a little knowledge about banner (identification string in RFC).
Following RFC 4253 (section 4.2. Protocol Version Exchange), after connection established, the client and server MUST send an identification string. The identification string MUST be
SSH-protoversion-softwareversion SP comments CR LF
The 'comments' string is OPTIONAL. Below are example of valid identification string:
- SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1
- SSH-2.0-PuTTY_Release_0.60
To make it easy, I call the identification string as "banner". From the example banners, they are very easy to guess the product name and version. The banner can be for more useful.
As told in title, the default banner can be used for identified Linux distribution and version. For example, the banner "SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1" is identified as Ubuntu 9.04. However, of course, it's work only if administrator installs the binary package from its own distribution.
Before going to a list of SSH banner and OS version, I want to say it again "the client and server MUST send an identification string". It means you can identify OS of client and server.
Here is the list that I checked
Why only Ubuntu?
Because I know Ubuntu upgrade OpenSSH only when they release a new version. I do not know other distributions.
But I also list other default banners :)
Let me note a little knowledge about banner (identification string in RFC).
Following RFC 4253 (section 4.2. Protocol Version Exchange), after connection established, the client and server MUST send an identification string. The identification string MUST be
SSH-protoversion-softwareversion SP comments CR LF
The 'comments' string is OPTIONAL. Below are example of valid identification string:
- SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1
- SSH-2.0-PuTTY_Release_0.60
To make it easy, I call the identification string as "banner". From the example banners, they are very easy to guess the product name and version. The banner can be for more useful.
As told in title, the default banner can be used for identified Linux distribution and version. For example, the banner "SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1" is identified as Ubuntu 9.04. However, of course, it's work only if administrator installs the binary package from its own distribution.
Before going to a list of SSH banner and OS version, I want to say it again "the client and server MUST send an identification string". It means you can identify OS of client and server.
Here is the list that I checked
Ubuntu 5.10: SSH-2.0-OpenSSH_4.1p1 Debian-7ubuntu4
Ubuntu 6.04: SSH-2.0-OpenSSH_4.2p1 Debian-7ubuntu3[.x]
Ubuntu 7.04: SSH-2.0-OpenSSH_4.3p2 Debian-8ubuntu1[.x]
Ubuntu 7.10: SSH-2.0-OpenSSH_4.6p1 Debian-5ubuntu0[.x]
Ubuntu 8.04: SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1[.x]
Ubuntu 8.10: SSH-2.0-OpenSSH_5.1p1 Debian-3ubuntu1
Ubuntu 9.04: SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1
Ubuntu 9.10: SSH-2.0-OpenSSH_5.1p1 Debian-6ubuntu2
Ubuntu 10.04: SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu3
Ubuntu 10.04.1: SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu4
Ubuntu 10.04.2: SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu{5,6}
Ubuntu 10.04.3: SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7
Ubuntu 10.10: SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu{4,5}
Ubuntu 11.04: SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
Ubuntu 11.10: SSH-2.0-OpenSSH_5.8p1 Debian-7ubuntu1
Why only Ubuntu?
Because I know Ubuntu upgrade OpenSSH only when they release a new version. I do not know other distributions.
But I also list other default banners :)
Debian 4: SSH-2.0-OpenSSH_4.3p2 Debian-9 Debian 5: SSH-2.0-OpenSSH_5.1p1 Debian-5 Debian 6: SSH-2.0-OpenSSH_5.5p1 Debian-6 FreeBSD 7.0: SSH-2.0-OpenSSH_4.5p1 FreeBSD-20061110 FreeBSD 7.2: SSH-2.0-OpenSSH_5.1p1 FreeBSD-20080901 FreeBSD 8.0: SSH-2.0-OpenSSH_5.2p1 FreeBSD-20090522 FreeBSD 8.1: SSH-2.0-OpenSSH_5.4p1 FreeBSD-20100308 FreeBSD 9.0: SSH-2.0-OpenSSH_5.8p2_hpn13v11 FreeBSD-20110503 openSUSE 10.0: SSH-2.0-OpenSSH_5.0 openSUSE 10.1: SSH-2.0-OpenSSH_5.1 openSUSE 10.2: SSH-2.0-OpenSSH_5.2 CentOS 4.x: SSH-2.0-OpenSSH_3.9 CentOS 5.x: SSH-2.0-OpenSSH_4.3 CentOS 6.x: SSH-2.0-OpenSSH_5.3 Fedora 12: SSH-2.0-OpenSSH_5.2 Fedora 13: SSH-2.0-OpenSSH_5.4 Fedora 14: SSH-2.0-OpenSSH_5.5 Fedora 15: SSH-2.0-OpenSSH_5.6 Fedora 16: SSH-2.0-OpenSSH_5.8It seems the distributions that derived from RedHat show only OpenSSH version and no "pX" after version.
Subscribe to:
Posts (Atom)