SSH Frequently Asked Questions
When I connect to the SSH server port, I see a version announcement like this:
% telnet SERVER 22 Trying 192.168.1.1... Connected to SERVER (192.168.1.1). Escape character is '^]'. SSH-1.99-OpenSSH_2.5.2p2I don't like this it's announcing the protocol and specific software package and version to the world, so the nasty hackers will know just what attacks to try. Can I turn this off?
Only partially, and it may not be worth the trouble. The version announcement is part of the SSH protocol. Each side sends a string of the form:
The protocol version is mandatory; it is necessary to allow different versions to interoperate. The comment field is optional, and you can remove it (though you will have to edit the source and recompile, or patch the image; none of the common servers have options to alter the comment).
However, if you do this, you may cause yourself some grief. Many SSH clients use the comment string to recognize particular servers and work around bugs and incompatibilities, so you may find other problems cropping up as a result.