diff -ur openssh-3.6.1p2-orig/misc.c openssh-3.6.1p2/misc.c
--- openssh-3.6.1p2-orig/misc.c	2004-01-07 09:42:39.000000000 -0800
+++ openssh-3.6.1p2/misc.c	2004-01-07 10:46:44.000000000 -0800
@@ -111,7 +111,8 @@
 }
 
 /* Characters considered whitespace in strsep calls. */
-#define WHITESPACE " \t\r\n"
+#define LINEEND    "\r\n"
+#define WHITESPACE " \t" LINEEND
 
 /* return next token in configuration line */
 char *
@@ -141,6 +142,30 @@
 	return (old);
 }
 
+char *
+strlineend(char **s)
+{
+	char *old;
+	int wspace = 0;
+
+	if (*s == NULL)
+		return NULL;
+
+	old = *s;
+
+	*s = strpbrk(*s, LINEEND);
+	if (*s == NULL)
+		return (old);
+
+	*s[0] = '\0';
+
+	*s += strspn(*s + 1, LINEEND) + 1;
+	if (*s[0] == '=' && !wspace)
+		*s += strspn(*s + 1, LINEEND) + 1;
+
+	return (old);
+}
+
 struct passwd *
 pwcopy(struct passwd *pw)
 {
diff -ur openssh-3.6.1p2-orig/misc.h openssh-3.6.1p2/misc.h
--- openssh-3.6.1p2-orig/misc.h	2002-03-21 18:54:25.000000000 -0800
+++ openssh-3.6.1p2/misc.h	2004-01-07 10:46:58.000000000 -0800
@@ -14,6 +14,7 @@
 
 char	*chop(char *);
 char	*strdelim(char **);
+char	*strlineend(char **);
 void	 set_nonblock(int);
 void	 unset_nonblock(int);
 void	 set_nodelay(int);
diff -ur openssh-3.6.1p2-orig/servconf.c openssh-3.6.1p2/servconf.c
--- openssh-3.6.1p2-orig/servconf.c	2004-01-07 09:47:44.000000000 -0800
+++ openssh-3.6.1p2/servconf.c	2004-01-07 11:36:47.000000000 -0800
@@ -118,6 +118,10 @@
 	options->max_startups_rate = -1;
 	options->max_startups = -1;
 	options->banner = NULL;
+	options->proto_version_minor = -1;
+	options->proto_version_major = -1;
+	options->software_version = NULL;
+	options->version_comments = NULL;
 	options->verify_reverse_mapping = -1;
 	options->client_alive_interval = -1;
 	options->client_alive_count_max = -1;
@@ -301,6 +305,8 @@
 	sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+	sProtoVersionMinor, sProtoVersionMajor,
+	sSoftwareVersion, sVersionComments,
 	sUsePrivilegeSeparation,
 	sDeprecated
 } ServerOpCodes;
@@ -380,6 +386,10 @@
 	{ "authorizedkeysfile", sAuthorizedKeysFile },
 	{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
 	{ "useprivilegeseparation", sUsePrivilegeSeparation},
+	{ "protoversionminor", sProtoVersionMinor},
+	{ "protoversionmajor", sProtoVersionMajor},
+	{ "softwareversion", sSoftwareVersion},
+	{ "versioncomments", sVersionComments},
 	{ NULL, sBadOption }
 };
 
@@ -697,6 +707,24 @@
 		intptr = &options->x11_display_offset;
 		goto parse_int;
 
+	case sProtoVersionMajor:
+		intptr = &options->proto_version_major;
+		goto parse_int;
+
+	case sProtoVersionMinor:
+		intptr = &options->proto_version_minor;
+		goto parse_int;
+
+	case sSoftwareVersion:
+		arg = strdelim(&cp);
+		options->software_version = xstrdup(arg);
+		break;
+
+	case sVersionComments:
+		arg = strlineend(&cp);
+		options->version_comments = xstrdup(arg);
+		break;
+
 	case sX11UseLocalhost:
 		intptr = &options->x11_use_localhost;
 		goto parse_flag;
diff -ur openssh-3.6.1p2-orig/servconf.h openssh-3.6.1p2/servconf.h
--- openssh-3.6.1p2-orig/servconf.h	2002-07-31 18:28:39.000000000 -0700
+++ openssh-3.6.1p2/servconf.h	2004-01-07 10:17:30.000000000 -0800
@@ -114,6 +114,12 @@
 	char   *subsystem_name[MAX_SUBSYSTEMS];
 	char   *subsystem_command[MAX_SUBSYSTEMS];
 
+	/* allow configurable version information overrides */
+	int     proto_version_major;
+	int     proto_version_minor;
+	char   *software_version;
+	char   *version_comments;
+
 	int	max_startups_begin;
 	int	max_startups_rate;
 	int	max_startups;
diff -ur openssh-3.6.1p2-orig/sshd.c openssh-3.6.1p2/sshd.c
--- openssh-3.6.1p2-orig/sshd.c	2004-01-07 09:42:39.000000000 -0800
+++ openssh-3.6.1p2/sshd.c	2004-01-07 10:16:28.000000000 -0800
@@ -353,6 +353,8 @@
 	int i, mismatch;
 	int remote_major, remote_minor;
 	int major, minor;
+	char *software_version=SSH_VERSION;
+	char *version_comments=NULL;
 	char *s;
 	char buf[256];			/* Must not be larger than remote_version. */
 	char remote_version[256];	/* Must be at least as big as buf. */
@@ -368,7 +370,22 @@
 		major = PROTOCOL_MAJOR_1;
 		minor = PROTOCOL_MINOR_1;
 	}
-	snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", major, minor, SSH_VERSION);
+	if (options.proto_version_major>=0) {
+		major = options.proto_version_major;
+	}
+	if (options.proto_version_minor>=0) {
+		minor = options.proto_version_minor;
+	}
+	if (options.software_version) {
+		software_version = options.software_version;
+	}
+	if (options.version_comments) {
+		version_comments = options.version_comments;
+	}
+	snprintf(buf, sizeof buf, "SSH-%d.%d-%s%s%s\n", major, minor,
+			software_version,
+			version_comments ? " " : "",
+			version_comments ? version_comments : "");
 	server_version_string = xstrdup(buf);
 
 	if (client_version_string == NULL) {
diff -ur openssh-3.6.1p2-orig/sshd_config openssh-3.6.1p2/sshd_config
--- openssh-3.6.1p2-orig/sshd_config	2002-09-26 20:21:58.000000000 -0700
+++ openssh-3.6.1p2/sshd_config	2004-01-07 10:53:48.000000000 -0800
@@ -91,3 +91,9 @@
 
 # override default of no subsystems
 Subsystem	sftp	/usr/libexec/sftp-server
+
+# override reported version information
+#ProtoVersionMajor 1
+#ProtoVersionMinor 99
+#SoftwareVersion 3.6.1p2
+#VersionComments Your friendly neighborhood SSH server
diff -ur openssh-3.6.1p2-orig/sshd_config.5 openssh-3.6.1p2/sshd_config.5
--- openssh-3.6.1p2-orig/sshd_config.5	2003-04-01 03:42:14.000000000 -0800
+++ openssh-3.6.1p2/sshd_config.5	2004-01-07 11:05:53.000000000 -0800
@@ -529,6 +529,12 @@
 .Dq 2,1
 is identical to
 .Dq 1,2 .
+.It Cm ProtoVersionMajor
+Specifies the major version claimed in the handshake banner.
+The default is the true major version.
+.It Cm ProtoVersionMinor
+Specifies the minor version claimed in the handshake banner.
+The default is the true minor version.
 .It Cm PubkeyAuthentication
 Specifies whether public key authentication is allowed.
 The default is
@@ -559,6 +565,9 @@
 .It Cm ServerKeyBits
 Defines the number of bits in the ephemeral protocol version 1 server key.
 The minimum value is 512, and the default is 768.
+.It Cm SoftwareVersion
+Specifies the software version claimed in the handshake banner.
+The default is the true software version.
 .It Cm StrictModes
 Specifies whether
 .Nm sshd
@@ -623,6 +632,9 @@
 very same IP address.
 The default is
 .Dq no .
+.It Cm VersionComments
+Specifies the text following the software version in the handshake banner.
+The default is empty.
 .It Cm X11DisplayOffset
 Specifies the first display number available for
 .Nm sshd Ns 's
