sshd exposing ubuntu version in gitlab-ce docker image

Problem to solve

When running gitlab-ce docker image, it's sshd exposes Ubuntu version from which docker image was build.

Adding the version of Ubuntu to the information that sshd exposes about itself to the outside world is not necessary for normal operation of sshd, but it reduces the security of gitlab installation, allowing automatic security scanners to learn more about how certain gitlab installation is structured from the inside.

How to reproduce:

Run gitlab from docker image (e.g. gitlab/gitlab-ce:17.7.3-ce.0). Then check:

$ telnet your-gitlab-host.com 22
Trying 11.22.33.44...
Connected to your-gitlab-host.com.
Escape character is '^]'.
SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10
^]
telnet> Connection closed.

Ubuntu-3ubuntu0.10 string is completely redundant, superfluous and unnecessary here.

How to fix:

Add two lines to sshd config (/etc/ssh/sshd_config or /etc/ssh/sshd_config.d/*.conf) inside of docker container:

Banner none
DebianBanner no

Then restart sshd (service ssh restart).

Then check:

$ telnet your-gitlab-host.com 22
Trying 11.22.33.44...
Connected to your-gitlab-host.com.
Escape character is '^]'.
SSH-2.0-OpenSSH_8.9p1
^]
telnet> Connection closed.

Ubuntu-3ubuntu0.10 string has gone.

If we exclude this additional information, the operation of sshd will not be affected in any way.