Telnet into SSH port. - SSH

This is a discussion on Telnet into SSH port. - SSH ; X-No-Archive: Yes Alright so I telnet into my SSH port. "telnet localhost " and here is what I get: "SSH-2.0-OpenSSH_4.6" I type something in and I get: "Protocol mismatch. Connection to host lost." Can some please explain this to me? ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: Telnet into SSH port.

  1. Telnet into SSH port.

    X-No-Archive: Yes

    Alright so I telnet into my SSH port.
    "telnet localhost "
    and here is what I get:
    "SSH-2.0-OpenSSH_4.6"
    I type something in and I get: "Protocol mismatch. Connection to host
    lost."

    Can some please explain this to me?
    Isn't this a bad idea? Someone can just telnet into this port and know
    that an sshd is running, specifically "SSH-2.0-OpenSSH_4.6".
    Can I turn this off?


  2. Re: Telnet into SSH port.

    >>>>> "purpmint008" == purpmint008 writes:

    purpmint008> Alright so I telnet into my SSH port. "telnet localhost
    purpmint008> " and here is what I get:
    purpmint008> "SSH-2.0-OpenSSH_4.6" I type something in and I get:
    purpmint008> "Protocol mismatch. Connection to host lost."

    purpmint008> Can some please explain this to me? Isn't this a bad
    purpmint008> idea? Someone can just telnet into this port and know
    purpmint008> that an sshd is running, specifically
    purpmint008> "SSH-2.0-OpenSSH_4.6". Can I turn this off?

    http://www.snailbook.com/faq/version-string.auto.html

    --
    Richard Silverman
    res@qoxp.net


  3. Re: Telnet into SSH port.

    X-No-Archive: Yes

    On Aug 17, 12:47 pm, "Richard E. Silverman" wrote:
    > http://www.snailbook.com/faq/version-string.auto.html
    >
    > --
    > Richard Silverman
    > r...@qoxp.net


    Thanks.
    SSH is pretty secure but alright.
    I used wireshark to check out the connection in action and I noticed
    another batch of strings.
    Something along the lines of naming the algorithms (in preferential
    order as set by PuTTY).
    I saw "diffie hellman" etc.


  4. Re: Telnet into SSH port.

    >>>>> "purpmint008" == purpmint008 writes:

    purpmint008> On Aug 17, 12:47 pm, "Richard E. Silverman"
    purpmint008> wrote:
    >> http://www.snailbook.com/faq/version-string.auto.html
    >>
    >> -- Richard Silverman r...@qoxp.net


    purpmint008> Thanks. SSH is pretty secure but alright.
    purpmint008> I used wireshark to check out the connection in action and I
    purpmint008> noticed another batch of strings. Something along the
    purpmint008> lines of naming the algorithms (in preferential order as
    purpmint008> set by PuTTY). I saw "diffie hellman" etc.

    Yes, this is part of the key exchange protocol. You have to negotiate
    which security algorithms to use before using them, so of course this part
    of the protocol is not encrypted -- it happens before the speakers have
    chosen an encryption algorithm to use.

    --
    Richard Silverman
    res@qoxp.net


  5. Re: Telnet into SSH port.

    purpmint008@gmail.com writes:

    > Alright so I telnet into my SSH port.
    > "telnet localhost "
    > and here is what I get:
    > "SSH-2.0-OpenSSH_4.6"
    > I type something in and I get: "Protocol mismatch. Connection to host
    > lost."


    Normal operation.

    > Can some please explain this to me?
    > Isn't this a bad idea? Someone can just telnet into this port and know
    > that an sshd is running, specifically "SSH-2.0-OpenSSH_4.6".
    > Can I turn this off?


    /etc/init.d/sshd stop

    But that may not be what you want. :-)

    Just stay patched and allow sshd to negotiate its protocols with
    clients. Consider moving it somewhere other than port 22 if you'd
    like to avoid the onslaught of script kiddie attacks against port 22.


    --
    Todd H.
    http://www.toddh.net/

  6. Re: Telnet into SSH port.

    X-No-Archive: Yes

    I have moved my SSHd to one of the dynamic ports (Ports 49152 to
    65535?).
    So I guess some plaintext strings are necessary for the SSH protocol
    to function.
    That's alright though since the rest of the protocol (ver. 2) is
    extremely safe thanks
    to public-key authentication and diffie-hellman exchange.

    Thanks for the clarification guys!


+ Reply to Thread