Re: An additional-auth mechanism for SSH to protect against scanning/probing attacks

[Mouse <mouse%Rodents-Montreal.ORG@localhost>]

>>> [...] respond to connect attempts on port 22 with:

>>> 220 $servername ESMTP Chuckmail bent over and ready
>>> +OK POP3 server ready <abcd@$servername>
>>> OK IMAP/POP3 ready $servername
>>> 220 FTP Server $servername ready
>>> SSH-2.0-$server-$version

>> Should be amusing, if nothing else!

[PuTTY works, MobaXterm fails]

> Having said that, I don't think anything should be accepting that
> abomination as an SSH ID even if the spec says they should, it's an
> abuse of a weird corner case in the spec to send that and expect it
> to work.

Eh, I guess it's a philosophical difference.

I strongly disagree; if the spec says it should work, I say any
implementation that doesn't accept it is buggy and needs repair.
(moussh seems to be just fine with it, not surprisingly in view of the
stance I just expressed.)

After all, it's really no different from any other four lines of text
not beginning "SSH-", except to humans.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B