content:en_us:kb_3rdparty_security_metrics_ssh_protocol_versions_supported

SSH Protocol Versions Supported

This entry from Security Metrics indicates that there may be some risk associated with knowing what protocol versions are supported by your SSH server.

ClearCenter response

Short response

Negotiation of protocol version is allowed under protocol. This is not a risk.

Long response

As part of the negotiation phase of SSH authentication, both the client and the server can announce under what protocols they are able to talk to each other. This negotiation is a standard procedure for the protocol and does not specifically indicate a risk but is rather normal operating procedure.

Resolution

No action is required.

content/en_us/kb_3rdparty_security_metrics_ssh_protocol_versions_supported.txt · Last modified: 2015/01/29 16:47 (external edit)