diff --git a/kippo.cfg.dist b/kippo.cfg.dist index 3bac52c..4222036 100644 --- a/kippo.cfg.dist +++ b/kippo.cfg.dist @@ -110,6 +110,32 @@ private_key = private.key # (default: not specified) #fake_addr = 192.168.66.254 +# SSH Version String +# +# Use this to disguise your honeypot from a simple SSH version scan +# frequent Examples: (found experimentally by scanning ISPs) +# SSH-2.0-OpenSSH_5.1p1 Debian-5 +# SSH-1.99-OpenSSH_4.3 +# SSH-1.99-OpenSSH_4.7 +# SSH-1.99-Sun_SSH_1.1 +# SSH-2.0-OpenSSH_4.2p1 Debian-7ubuntu3.1 +# SSH-2.0-OpenSSH_4.3 +# SSH-2.0-OpenSSH_4.6 +# SSH-2.0-OpenSSH_5.1p1 Debian-5 +# SSH-2.0-OpenSSH_5.1p1 FreeBSD-20080901 +# SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu5 +# SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu6 +# SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7 +# SSH-2.0-OpenSSH_5.5p1 Debian-6 +# SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze1 +# SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze2 +# SSH-2.0-OpenSSH_5.8p2_hpn13v11 FreeBSD-20110503 +# SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1 +# SSH-2.0-OpenSSH_5.9 +# +# (default: "SSH-2.0-OpenSSH_5.1p1 Debian-5") +ssh_version_string = SSH-2.0-OpenSSH_5.1p1 Debian-5 + # Banner file to be displayed before the first login attempt. # # (default: not specified) diff --git a/kippo/core/honeypot.py b/kippo/core/honeypot.py index 9b0dbbf..f4047d6 100644 --- a/kippo/core/honeypot.py +++ b/kippo/core/honeypot.py @@ -640,10 +640,16 @@ class HoneyPotSSHFactory(factory.SSHFactory): self.dbloggers.append(dblogger) def buildProtocol(self, addr): + cfg = config() + # FIXME: try to mimic something real 100% t = HoneyPotTransport() - t.ourVersionString = 'SSH-2.0-OpenSSH_5.1p1 Debian-5' + if cfg.has_option('honeypot', 'ssh_version_string'): + t.ourVersionString = cfg.get('honeypot','ssh_version_string') + else: + t.ourVersionString = "SSH-2.0-OpenSSH_5.1p1 Debian-5" + t.supportedPublicKeys = self.privateKeys.keys() if not self.primes:
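Review bot: The comment block added for `ssh_version_string` in kippo.cfg.dist never says what a valid value looks like, while the honeypot.py hunk of this commit copies the option into `ourVersionString` unchecked. I would add a line above the default such as `# Must start with "SSH-2.0-" or "SSH-1.99-"; the value is used as-is as the server identification string.` The example list carries `SSH-2.0-OpenSSH_5.1p1 Debian-5` twice (first and eighth entry), so one of them can go. Since the stated goal is only to pass a simple version scan, one more comment line could remind operators to pick a banner consistent with the operating system the rest of the honeypot presents.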
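Review bot: The value read with `cfg.get('honeypot','ssh_version_string')` in buildProtocol is assigned to `t.ourVersionString` without any validation. An empty `ssh_version_string =` line or a typo that drops the `SSH-2.0-` prefix would presumably go out as the identification string, which breaks well-behaved clients and makes the sensor stand out instead of blending in. I would keep the built-in default unless the configured value carries an accepted protocol prefix, as sketched below, and ideally log when a configured value is rejected. Separately, `config()` is now called for every incoming connection; if it re-reads the file each time (not visible here), reading the option once in the factory would be cheaper. buildProtocol's body continues past the end of the hunk.

```python
    def buildProtocol(self, addr):
        cfg = config()

        # ... unchanged: FIXME comment and HoneyPotTransport() construction ...

        version = 'SSH-2.0-OpenSSH_5.1p1 Debian-5'
        if cfg.has_option('honeypot', 'ssh_version_string'):
            candidate = cfg.get('honeypot', 'ssh_version_string').strip()
            # Keep the default unless the value has a protocol prefix clients accept.
            if candidate.startswith(('SSH-2.0-', 'SSH-1.99-')):
                version = candidate
        t.ourVersionString = version
```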