SSH banner reveals sensitive information
The SSH banner reveals the OS and version information that a possible attacker could use:
telnet <my-freenas-host-ip> 22
Connected to <my-freenas-host-ip>.
Escape character is '^]'.
Possibly relevant parts from the FreeBSD sshd man page:
Banner The contents of the specified file are sent to the remote user
before authentication is allowed. If the argument is ``none''
then no banner is displayed. By default, no banner is displayed.
Optionally specifies additional text to append to the SSH protocol
banner sent by the server upon connection. The default is
``FreeBSD-20160310''. The value ``none'' may be used to disable
#1 Updated by Kris Moore about 4 years ago
- Status changed from Unscreened to Needs Developer Review
- Assignee changed from Alexander Motin to William Grzybowski
- Priority changed from No priority to Nice to have
- Target version set to 11.0
I've disabled the VersionAddendum now, which should make the banner appear as:
^^^ This part is required for SSH
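
Added example, not part of the original ticket or of FreeNAS: a small Python check that splits an SSH identification string into its required part and the optional comments field where the VersionAddendum text appears, and reads an sshd_config to see which addendum would be sent. The OpenSSH version, the sample banner lines and the config fragment are constructed for illustration; the function names are hypothetical.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF".
# Only the part before the space is required; the comments field is where
# sshd places the VersionAddendum text.
IDENT_RE = re.compile(
    r"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comments>.*))?$")

def parse_ident(line):
    """Split an identification string into protocol, software and comments."""
    m = IDENT_RE.match(line.rstrip("\r\n"))
    if m is None:
        raise ValueError("not an SSH identification string: %r" % line)
    return m.groupdict()

def effective_addendum(config_text, default="FreeBSD-20160310"):
    """Return the addendum sshd would send, or None when it is disabled.

    Simplified reading of sshd_config: the first VersionAddendum line wins,
    keywords are case-insensitive, and scanning stops at the first Match
    block. `default` is the value quoted from the man page on this ticket.
    """
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = parts[0].lower()
        if keyword == "match":
            break
        if keyword == "versionaddendum":
            value = parts[1].strip().strip('"') if len(parts) > 1 else ""
            return None if value.lower() == "none" else value
    return default

if __name__ == "__main__":
    # Constructed sample inputs, not captured from a real host.
    before = "SSH-2.0-OpenSSH_7.2 FreeBSD-20160310\r\n"
    after = "SSH-2.0-OpenSSH_7.2\r\n"
    config = "# constructed sshd_config fragment\nPort 22\nVersionAddendum none\n"
    print(parse_ident(before)["comments"])
    print(parse_ident(after)["comments"])
    print(effective_addendum(config))
```

The protocol and software fields remain in the identification string even with the addendum disabled, so the check only confirms that the OS-specific comments field is gone.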