For HTTP, logging and fingerprinting browser user agents is standard practice. Many anti-automation tricks use the user agent and compare it to other browser artifacts, for example, supported JavaScript APIs, to detect bots. SSH offers an “identification string” with a format mandated by RFC 4253.
Article Link: https://isc.sans.edu/diary/rss/30520