openssh-unix-dev July 2011 archive
Main Archive Page > Month Archives  > openssh-unix-dev archives
openssh-unix-dev: Re: Timing of banner

Re: Timing of banner

From: Ángel González <keisial_at_nospam>
Date: Fri Jul 01 2011 - 22:30:16 GMT
To: Bob Rasmussen <ras@anzio.com>

Bob Rasmussen wrote:
> Damien, thanks for the explanation.
>
> My user's point has a certain validity, I think: the user isn't seeing
> what they're logging into before giving a username. One might even
> consider it a security issue, identifying yourself before you know who
> you're talking to (although I realize the fingerprint verification
> mitigates this).
You should train your user to check whatever clues your client provides of
the target, such as "the window title displays: server5.example.org
[Verified]"

You could also add your own "banner" to the client, by making it show
something
like
Connecting to server5.example.org
The server is the same I met previously.

As you are the ones making the client software, the options are endless.
You could
for instance allow showing aliases instead of full domain names.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev