Date: 2020apr15 OS: Linux Product: OpenSSH Server Keywords: obfuscate Q. Linux: Can I hide the version that my ssh server sends (And maybe hide that its an ssh server?) A. With OpenSSH you cannot. At least without modifying the source and recompiling or hacking the executable. It always sends:

SSH-<version>-<comment>

You can see this by doing:

$ nc localhost 22 < /dev/null SSH-2.0-OpenSSH_9.2

Where 22 is your ssh port Not sending this might break some clients. It would be nice to change the name of the product at least. In /etc/ssh/sshd_config you can add:

Banner /etc/ssh/banner.txt

And just some misleading stuff in /etc/ssh/banner.txt like

Welcome to DARPA

Be creative. This is is in addition to the SSH-<version>-<comment> line. It does not replace it.