How do I hide ssh number from clients? When I type the following command it displays server version number to end users:
ssh -v server2.example.com OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /home/vivek/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to server2.example.com [123.x.y.z] port 22. debug1: Connection established. debug1: identity file /home/vivek/.ssh/identity type -1 debug1: identity file /home/vivek/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: identity file /home/vivek/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 debug1: match: OpenSSH_4.3 pat OpenSSH_4* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu4
telnet server2.example.com 22 Trying 123.x.y.z... Connected to v.txvip1. Escape character is '^]'. SSH-2.0-OpenSSH_4.3
Why does OpenSSH server report its version to clients?
Short answer from the OpenSSH FAQ:
This information is used by clients and servers to enable protocol compatibility tweaks to work around changed, buggy or missing features in the implementation they are talking to. This protocol feature checking is still required at present because versions with incompatibilities are still in wide use.
In other words it is necessary for compatibility. To hide openssh version, you need to update OpenSSH source code and compile openssh again. You will not get any support for your modified version. I highly recommend our OpenSSH server best security practices guide.TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!
- 30 Cool Open Source Software I Discovered in 2013
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop