Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Disable SSH 1.99 version?
Special Forums Cybersecurity Disable SSH 1.99 version? Post 302560272 by fpmurphy on Thursday 29th of September 2011 10:20:04 AM
Old 09-29-2011
See RFC 4253 Section 5.1

Quote:
5.1. Old Client, New Server

Server implementations MAY support a configurable compatibility flag
that enables compatibility with old versions. When this flag is on,
the server SHOULD identify its 'protoversion' as "1.99". Clients
using protocol 2.0 MUST be able to identify this as identical to
"2.0". In this mode, the server SHOULD NOT send the Carriage Return
character (ASCII 13) after the identification string.

In the compatibility mode, the server SHOULD NOT send any further
data after sending its identification string until it has received an
identification string from the client. The server can then determine
whether the client is using an old protocol, and can revert to the
old protocol if required. In the compatibility mode, the server MUST
NOT send additional data before the identification string.
This User Gave Thanks to fpmurphy For This Post:
jabalv
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Disable SSH w/ OS X Terminal

I want to shut down SSH, yet I'm unable to. Last login: Sun Dec 14 17:59:36 on console ryans-imac-2:~ Ryan$ service ssh stop service: failed to stop the 'ssh' service ryans-imac-2:~ Ryan$ Please advise. Thanks. (2 Replies)
Discussion started by: pianoman1976
2 Replies

2. Shell Programming and Scripting

Disable SSH key authentication

Hello Guys, I need your help. I am trying to create a script to change password for multipls servers but having problem when it comes to ssh key authentication. Does anyone have a sample script that will disable ssh key authentication for multiple servers?;) (3 Replies)
Discussion started by: youdexter
3 Replies

3. Solaris

SSH enable, Telnet disable ...

Hi... How do I enable SSH and disable telnet.. Also - is there anything special I need to do to ensure that a new user can use ssh and su but not telnet? Adel (15 Replies)
Discussion started by: ArabOracle.com
15 Replies

4. Shell Programming and Scripting

How to disable banner displayed on ssh connect

Is there away to disable a banner/motd when connecting to a server via ssh? The reason I want to do this is that I have a script that issues multiple SSH connection to remote machines so as to invoke a script on the remote machine. The script runs fine on the remote machine its just that I... (1 Reply)
Discussion started by: davejavu
1 Replies

5. Linux

ssh - disable direct root login

Hi Guys.... I am a newbie to unix. I have a requirement. I have a server. I have to configure ssh to disable direct root login and then add a user with sudo access to this server.Then change the ssh port to 22315 and the server should permit the ssh only from my local machine ip.I also have to... (1 Reply)
Discussion started by: mahesh_raghu
1 Replies

6. UNIX for Dummies Questions & Answers

How to disable root login (Not over SSH)?

I have already disabled root login over the ssh by modifying /etc/ssh/sshd_config. But how would i disable root login on a server itself. We have implemented LDAP in our environment and our security guide states that root login must be obtained by first logging into the host using his/her own... (2 Replies)
Discussion started by: pinga123
2 Replies

7. Solaris

How to disable/bypass passphrase prompt in ssh?

Hi Folks, I have setup a passwordless connection from my Linux ( source) machine toSolaris ( destination ) machine. I have added passphrase while creating the rsa key. Now problem is each time when i make a connection i have to give the passphrase to make connection. How to override this ? I... (4 Replies)
Discussion started by: chidori
4 Replies

8. UNIX for Advanced & Expert Users

Ssh disable strict checking

What are the different ways to disable ssh strict checking? I've seen this mentioned a few times but it doesn't seem to be working. $ ssh -o 'StrictHostKeyChecking no' admin@hostnamehttp://docs.oracle.com/cd/E35328_01/E35336/html/vmcli-ssh.html Is there a file somewhere in /etc that I could... (4 Replies)
Discussion started by: cokedude
4 Replies

9. Solaris

Disable or remove SNMPv1/2c authentication and SNMP version-3

Hi; How can I disable or remove SNMPv1/2c authentication. I would like to use SNMP version 3 authentication. bash-3.00# uname -a SunOS SOL9229 5.10 Generic_142910-17 i86pc i386 i86pc bash-3.00# (1 Reply)
Discussion started by: gc_sw
1 Replies

10. UNIX for Beginners Questions & Answers

How to disable ssh on server

This is the very simple and easy to understand. How to Disable SSH Logins on a Linux Box? Hello and Welcome to The UNIX and Linux Forums! DO NOT hijack others' threads; create a new one with a meaningful and adequate title. Please read the our FAQ on how to post new threads in the... (1 Reply)
Discussion started by: Bhargavice
1 Replies

LEARN ABOUT SUSE

ssl_ctx_new

SSL_CTX_new(3SSL)						      OpenSSL							 SSL_CTX_new(3SSL)

NAME

       SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions

SYNOPSIS

	#include <openssl/ssl.h>

	SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);

DESCRIPTION

       SSL_CTX_new() creates a new SSL_CTX object as framework to establish TLS/SSL enabled connections.

NOTES

       The SSL_CTX object uses method as connection method. The methods exist in a generic type (for client and server use), a server only type,
       and a client only type. method can be of the following types:

       SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)
	   A TLS/SSL connection established with these methods will only understand the SSLv2 protocol. A client will send out SSLv2 client hello
	   messages and will also indicate that it only understand SSLv2. A server will only understand SSLv2 client hello messages.

       SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)
	   A TLS/SSL connection established with these methods will only understand the SSLv3 protocol. A client will send out SSLv3 client hello
	   messages and will indicate that it only understands SSLv3. A server will only understand SSLv3 client hello messages. This especially
	   means, that it will not understand SSLv2 client hello messages which are widely used for compatibility reasons, see SSLv23_*_method().

       TLSv1_method(void), TLSv1_server_method(void), TLSv1_client_method(void)
	   A TLS/SSL connection established with these methods will only understand the TLSv1 protocol. A client will send out TLSv1 client hello
	   messages and will indicate that it only understands TLSv1. A server will only understand TLSv1 client hello messages. This especially
	   means, that it will not understand SSLv2 client hello messages which are widely used for compatibility reasons, see SSLv23_*_method().
	   It will also not understand SSLv3 client hello messages.

       SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
	   A TLS/SSL connection established with these methods will understand the SSLv2, SSLv3, and TLSv1 protocol. A client will send out SSLv2
	   client hello messages and will indicate that it also understands SSLv3 and TLSv1. A server will understand SSLv2, SSLv3, and TLSv1
	   client hello messages. This is the best choice when compatibility is a concern.

       The list of protocols available can later be limited using the SSL_OP_NO_SSLv2, SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1 options of the
       SSL_CTX_set_options() or SSL_set_options() functions. Using these options it is possible to choose e.g. SSLv23_server_method() and be able
       to negotiate with all possible clients, but to only allow newer protocols like SSLv3 or TLSv1.

       SSL_CTX_new() initializes the list of ciphers, the session cache setting, the callbacks, the keys and certificates, and the options to its
       default values.

RETURN VALUES

       The following return values can occur:

       NULL
	   The creation of a new SSL_CTX object failed. Check the error stack to find out the reason.

       Pointer to an SSL_CTX object
	   The return value points to an allocated SSL_CTX object.

SEE ALSO

       SSL_CTX_free(3), SSL_accept(3), ssl(3),	SSL_set_connect_state(3)

1.0.1e								    2013-02-11							 SSL_CTX_new(3SSL)
All times are GMT -4. The time now is 03:31 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy