Merge branch 'hans/ssh/banner_grabbing/OTP-12659' into maint-17

* hans/ssh/banner_grabbing/OTP-12659:
  ssh: added id_string option for server and client

1 files changed, 17 insertions, 0 deletions

diff --git a/lib/ssh/doc/src/ssh.xml b/lib/ssh/doc/src/ssh.xml
index 0e7e3848ad..72dafc0c09 100644
--- a/lib/ssh/doc/src/ssh.xml
+++ b/lib/ssh/doc/src/ssh.xml
@@ -180,6 +180,15 @@
 	  <item>
 	    <p>If true, the client will not print out anything on authorization.</p>
 	  </item>
+
+	  <tag><c><![CDATA[{id_string, random | string()}]]></c></tag>
+	  <item>
+	    <p>The string that the client presents to a connected server initially.  The default value is "Erlang/VSN" where VSN is the ssh application version number.
+	    </p>
+	    <p>The value <c>random</c> will cause a random string to be created at each connection attempt.  This is to make it a bit more difficult for a malicious peer to find the ssh software brand and version.
+	    </p>
+	  </item>
+
 	  <tag><c><![CDATA[{fd, file_descriptor()}]]></c></tag>
 	  <item>
 	    <p>Allow an existing file descriptor to be used
@@ -344,6 +353,14 @@
 	    </p>
 	  </item>
 
+	  <tag><c><![CDATA[{id_string, random | string()}]]></c></tag>
+	  <item>
+	    <p>The string the daemon will present to a connecting peer initially.  The default value is "Erlang/VSN" where VSN is the ssh application version number.
+	    </p>
+	    <p>The value <c>random</c> will cause a random string to be created at each connection attempt.  This is to make it a bit more difficult for a malicious peer to find the ssh software brand and version.
+	    </p>
+	  </item>
+
 	  <tag><c><![CDATA[{key_cb, atom()}]]></c></tag>
 	  <item>
 	    <p>Module implementing the behaviour <seealso marker="ssh_server_key_api">ssh_server_key_api</seealso>.