Forum Debian Users Gang

Całkowicie nie wyłączysz tego (wersja protokołu i oprogramowania), ponieważ jest to wyszczególnione w RFC 4253 (The Secure Shell (SSH) Transport Layer Protocol):

4.2. Protocol Version Exchange


   When the connection has been established, both sides MUST send an
   identification string.  This identification string MUST be

      SSH-protoversion-softwareversion SP comments CR LF

   Since the protocol being defined in this set of documents is version
   2.0, the 'protoversion' MUST be "2.0".  The 'comments' string is
   OPTIONAL.  If the 'comments' string is included, a 'space' character
   (denoted above as SP, ASCII 32) MUST separate the 'softwareversion'
   and 'comments' strings.  The identification MUST be terminated by a
   single Carriage Return (CR) and a single Line Feed (LF) character
   (ASCII 13 and 10, respectively).  Implementers who wish to maintain
  compatibility with older, undocumented versions of this protocol may
   want to process the identification string without expecting the
   presence of the carriage return character for reasons described in
   Section 5 of this document.  The null character MUST NOT be sent.
   The maximum length of the string is 255 characters, including the
   Carriage Return and Line Feed.

   The part of the identification string preceding the Carriage Return
   and Line Feed is used in the Diffie-Hellman key exchange (see Section
   8).

   The server MAY send other lines of data before sending the version
   string.  Each line SHOULD be terminated by a Carriage Return and Line
   Feed.  Such lines MUST NOT begin with "SSH-", and SHOULD be encoded
   in ISO-10646 UTF-8 [RFC3629] (language is not specified).  Clients
   MUST be able to process such lines.  Such lines MAY be silently
   ignored, or MAY be displayed to the client user.  If they are
   displayed, control character filtering, as discussed in [SSH-ARCH],
   SHOULD be used.  The primary use of this feature is to allow TCP-
   wrappers to display an error message before disconnecting.

   Both the 'protoversion' and 'softwareversion' strings MUST consist of
   printable US-ASCII characters, with the exception of whitespace
   characters and the minus sign (-).  The 'softwareversion' string is
   primarily used to trigger compatibility extensions and to indicate
   the capabilities of an implementation.  The 'comments' string SHOULD
   contain additional information that might be useful in solving user
   problems.  As such, an example of a valid identification string is

      SSH-2.0-billsSSH_3.6.3q3<CR><LF>

   This identification string does not contain the optional 'comments'
   string and is thus terminated by a CR and LF immediately after the
   'softwareversion' string.

   Key exchange will begin immediately after sending this identifier.
   All packets following the identification string SHALL use the binary
   packet protocol, which is described in Section 6.

Jest to również wyjaśnione w FAQ OpenSSH:

2.14 - Why does OpenSSH report its version to clients?

OpenSSH, like most SSH implementations, reports its name and version to clients when they connect, e.g.

    SSH-2.0-OpenSSH_3.9

This information is used by clients and servers to enable protocol compatibility tweaks to work around changed, buggy or missing features in the implementation they are talking to. This protocol feature checking is still required at present because versions with incompatibilities are still in wide use.

W Debianie natomiast możesz wyłączyć samą część komentarza, wskazującą na używany system operacyjny dodając do konfiguracji opcję:

DebianBanner no

Koledze Czater nie chodziło o wyświetlanie MOTD, a wymianę informacji o używanej wersji OpenSSH, jeszcze przed zestawieniem zaszyfrowanej sesji.

Dziękuje za pomoc. Pomogła zmiana w pliku konfiguracyjnym ssh na

DebianBanner no

przez co nie wyświetla wersji systemu operacyjnego.