diff -uprk.orig openssh-3.6.1p1.orig/readconf.c openssh-3.6.1p1/readconf.c
--- openssh-3.6.1p1.orig/readconf.c	2003-04-01 15:43:39 +0400
+++ openssh-3.6.1p1/readconf.c	2003-04-11 23:46:44 +0400
@@ -108,7 +108,7 @@ typedef enum {
 	oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
 	oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
 	oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
-	oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
+	oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs, oSshVersion,
 	oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
 	oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
 	oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
@@ -162,6 +162,7 @@ static struct {
 	{ "ciphers", oCiphers },
 	{ "macs", oMacs },
 	{ "protocol", oProtocol },
+	{ "sshversion", oSshVersion },
 	{ "remoteforward", oRemoteForward },
 	{ "localforward", oLocalForward },
 	{ "user", oUser },
@@ -442,6 +443,10 @@ parse_flag:
 		charptr=&options->xauth_location;
 		goto parse_string;
 
+	case oSshVersion:
+		charptr = &options->ssh_version;
+		goto parse_string;
+
 	case oUser:
 		charptr = &options->user;
 parse_string:
@@ -776,6 +781,7 @@ initialize_options(Options * options)
 	options->macs = NULL;
 	options->hostkeyalgorithms = NULL;
 	options->protocol = SSH_PROTO_UNKNOWN;
+	options->ssh_version = NULL;
 	options->num_identity_files = 0;
 	options->hostname = NULL;
 	options->host_key_alias = NULL;
@@ -871,6 +877,8 @@ fill_default_options(Options * options)
 	/* options->hostkeyalgorithms, default set in myproposals.h */
 	if (options->protocol == SSH_PROTO_UNKNOWN)
 		options->protocol = SSH_PROTO_1|SSH_PROTO_2;
+	if (options->ssh_version == NULL)
+		options->ssh_version = SSH_VERSION;
 	if (options->num_identity_files == 0) {
 		if (options->protocol & SSH_PROTO_1) {
 			len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
diff -uprk.orig openssh-3.6.1p1.orig/readconf.h openssh-3.6.1p1/readconf.h
--- openssh-3.6.1p1.orig/readconf.h	2003-04-01 15:43:40 +0400
+++ openssh-3.6.1p1/readconf.h	2003-04-11 23:46:44 +0400
@@ -73,6 +73,7 @@ typedef struct {
 	char   *macs;		/* SSH2 macs in order of preference. */
 	char   *hostkeyalgorithms;	/* SSH2 server key types in order of preference. */
 	int	protocol;	/* Protocol in order of preference. */
+	char   *ssh_version;	/* Software version as it will be reported to peer. */
 	char   *hostname;	/* Real host to connect. */
 	char   *host_key_alias;	/* hostname alias for .ssh/known_hosts */
 	char   *proxy_command;	/* Proxy command for connecting the host. */
diff -uprk.orig openssh-3.6.1p1.orig/servconf.c openssh-3.6.1p1/servconf.c
--- openssh-3.6.1p1.orig/servconf.c	2003-04-11 23:46:31 +0400
+++ openssh-3.6.1p1/servconf.c	2003-04-11 23:46:44 +0400
@@ -57,6 +57,7 @@ initialize_server_options(ServerOptions 
 
 	/* Portable-specific options */
 	options->pam_authentication_via_kbd_int = -1;
+	options->ssh_version = NULL;
 
 	/* Standard Options */
 	options->num_ports = 0;
@@ -136,6 +137,8 @@ fill_default_server_options(ServerOption
 	/* Portable-specific options */
 	if (options->pam_authentication_via_kbd_int == -1)
 		options->pam_authentication_via_kbd_int = 0;
+	if (options->ssh_version == NULL)
+		options->ssh_version = SSH_VERSION;
 
 	/* Standard Options */
 	if (options->protocol == SSH_PROTO_UNKNOWN)
@@ -287,6 +290,7 @@ typedef enum {
 	sBadOption,		/* == unknown option */
 	/* Portable-specific options */
 	sPAMAuthenticationViaKbdInt,
+	sSshVersion,
 	/* Standard Options */
 	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
 	sPermitRootLogin, sLogFacility, sLogLevel,
@@ -324,6 +328,7 @@ static struct {
 } keywords[] = {
 	/* Portable-specific options */
 	{ "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
+	{ "sshversion", sSshVersion },
 	/* Standard Options */
 	{ "port", sPort },
 	{ "hostkey", sHostKeyFile },
@@ -476,6 +481,15 @@ process_server_config_line(ServerOptions
 		intptr = &options->pam_authentication_via_kbd_int;
 		goto parse_flag;
 
+	case sSshVersion:
+		arg = strdelim(&cp);
+		if (!arg || *arg == '\0')
+			fatal("%s line %d: missing argument.",
+			    filename, linenum);
+		if ( !options->ssh_version )
+			options->ssh_version = xstrdup(arg);
+		break;
+
 	/* Standard Options */
 	case sBadOption:
 		return -1;
diff -uprk.orig openssh-3.6.1p1.orig/servconf.h openssh-3.6.1p1/servconf.h
--- openssh-3.6.1p1.orig/servconf.h	2003-04-11 23:46:31 +0400
+++ openssh-3.6.1p1/servconf.h	2003-04-11 23:46:44 +0400
@@ -62,6 +62,7 @@ typedef struct {
 	char   *ciphers;	/* Supported SSH2 ciphers. */
 	char   *macs;		/* Supported SSH2 macs. */
 	int	protocol;	/* Supported protocol versions. */
+	char   *ssh_version;	/* Software version as it will be reported to peer. */
 	int     gateway_ports;	/* If true, allow remote connects to forwarded ports. */
 	SyslogFacility log_facility;	/* Facility for system logging. */
 	LogLevel log_level;	/* Level for system logging. */
diff -uprk.orig openssh-3.6.1p1.orig/ssh_config.5 openssh-3.6.1p1/ssh_config.5
--- openssh-3.6.1p1.orig/ssh_config.5	2003-04-01 15:42:14 +0400
+++ openssh-3.6.1p1/ssh_config.5	2003-04-11 23:46:44 +0400
@@ -457,6 +457,9 @@ This means that
 .Nm ssh
 tries version 2 and falls back to version 1
 if version 2 is not available.
+.It Cm SshVersion
+Specifies software version as it will be reported to peer.
+Default is the current version, i.e. OpenSSH_3.6.1p1.
 .It Cm ProxyCommand
 Specifies the command to use to connect to the server.
 The command
diff -uprk.orig openssh-3.6.1p1.orig/sshconnect.c openssh-3.6.1p1/sshconnect.c
--- openssh-3.6.1p1.orig/sshconnect.c	2003-04-11 23:46:30 +0400
+++ openssh-3.6.1p1/sshconnect.c	2003-04-11 23:46:44 +0400
@@ -446,7 +446,7 @@ ssh_exchange_identification(void)
 	snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n",
 	    compat20 ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1,
 	    compat20 ? PROTOCOL_MINOR_2 : minor1,
-	    SSH_VERSION);
+	    options.ssh_version);
 	if (atomicio(write, connection_out, buf, strlen(buf)) != strlen(buf))
 		fatal("write: %.100s", strerror(errno));
 	client_version_string = xstrdup(buf);
diff -uprk.orig openssh-3.6.1p1.orig/sshd.c openssh-3.6.1p1/sshd.c
--- openssh-3.6.1p1.orig/sshd.c	2003-04-11 23:46:31 +0400
+++ openssh-3.6.1p1/sshd.c	2003-04-11 23:46:44 +0400
@@ -373,7 +373,7 @@ sshd_exchange_identification(int sock_in
 		major = PROTOCOL_MAJOR_1;
 		minor = PROTOCOL_MINOR_1;
 	}
-	snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", major, minor, SSH_VERSION);
+	snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", major, minor, options.ssh_version);
 	server_version_string = xstrdup(buf);
 
 	if (client_version_string == NULL) {
diff -uprk.orig openssh-3.6.1p1.orig/sshd_config.5 openssh-3.6.1p1/sshd_config.5
--- openssh-3.6.1p1.orig/sshd_config.5	2003-04-11 23:46:31 +0400
+++ openssh-3.6.1p1/sshd_config.5	2003-04-11 23:47:47 +0400
@@ -546,6 +546,9 @@ Specifying
 .Dq 2,1
 is identical to
 .Dq 1,2 .
+.It Cm SshVersion
+Specifies software version as it will be reported to peer.
+Default is the current version, i.e. OpenSSH_3.6.1p1.
 .It Cm PubkeyAuthentication
 Specifies whether public key authentication is allowed.
 The default is