Of the several suggestions, the correct answer (from Christopher Barnard and John Stoffel) is that the sshd versions on the servers are different. It seems the password request line is embedded in sshd. Openssh, linux distributions, and older Sun SSH versions of openssh give the username and fully qualified machine name when asking for the password. More recent distributions from Sun have removed that and simply ask for the password. In my case, Solaris 9 servers with # ssh -V SSH Version Sun_SSH_1.0.1, protocol versions 1.5/2.0. disclosed username and machine information when asking for the password. Solaris 9 and 10 servers with # ssh -V Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090700f or Sun_SSH_1.1.3, SSH protocols 1.5/2.0, OpenSSL 0x0090704f did not. I presume it's a security issue, since it "discloses information." However, it would seem that whoever is trying to ssh to the machine with that user name already has that information. For example, if I ssh to ralph at one of my servers, the result is ralph@node.network's password: even though the user ralph does not exist. So, it's neither confirming nor denying, but rather simply reflecting back what the other end submitted. Anyway, it seems final confirmation of the answer to my question comes from the source code, where I found in sshconnect2.c the following: snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", authctxt->server_user, host); That's for openssh-5.6p1. -- --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology& Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst <hoogendyk@bio.umass.edu> --------------- Erdvs 4 -------- Original Message -------- Subject: configuring sshd's password request line Date: Wed, 29 Sep 2010 14:31:19 -0400 From: Chris Hoogendyk <hoogendyk@bio.umass.edu> To: Sun Managers List <sunmanagers@sunmanagers.org> This is silly. I have quite a few Solaris 9 and 10 systems on SPARC from E250 to T5220. When I ssh to most of them, I get the /etc/issue that I made and then a simple "Password: " request. On a few of them, I get the /etc/issue and then the password request line of the form "username@node.network's password: ". I picked out two Solaris 9 on E250 systems that exhibit this difference, and went through everything in /etc/ssh/sshd_config and /etc/defaults/* trying to find what was different and where I could control that. It's probably something I did in setting them up. But, I've forgotten, if so, and I couldn't find anything different about the two systems in those configuration files. They happen to be somewhat different in patch levels: SunOS mormyrid 5.9 Generic_118558-35 sun4u sparc SUNW,Ultra-250 SunOS snapper 5.9 Generic_118558-11 sun4u sparc SUNW,Ultra-250 But I'm stuck and my google fu has failed me as well. Where is the magic that will change that? And perhaps the appropriate man page or documentation with details? TIA -- --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology& Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst <hoogendyk@bio.umass.edu> --------------- Erdvs 4 _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Tue Oct 5 15:12:14 2010
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:17 EST