Upgrading OpenSSH ...
Simon Barner
barner at in.tum.de
Thu Sep 18 07:33:10 PDT 2003
Hi,
> II am trying to upgrade OpenSSH whihc is default in freeBSD .
> I am trying it using /usr/ports/security/openssh
>
> all the installation went good way .
> I rebooted my system to the frsh installation of SSH to come into action ,But when i gave
> #ssh -V
> it showed me the same old version
>
> Any solution about how to go about the upgradation will be appreciated .....
I think you were using the base system's ssh installation before (which
is located in /usr ). When you installed the OpenSSH port, you got a second
installation in /usr/local.
Please use `which ssh' and `which sshd' in order to confirm this
assumption. If it is true, then you have the following options:
1. Switch to the ports ssh -> since you already installed the port, you
only need to remove your ssh stuff in /usr, e.g. /usr/bin/ssh,
/usr/sbin/sshd, (kill the sshd before deleting it, but this will only
work if you are not currently logged in via ssh :-)...
Additionally, you have to tell the system to use the sshd in /usr/local,
so you should add the following line to /etc/rc.conf
sshd_program="/usr/local/sbin/sshd"
In order to preserve your settings from the base system, you should
carefully merge the configuration files in /usr/local/etc/ssh with your old
ones in /etc/ssh.
You should also put NO_OPENSSH=true into /etc/make.conf in order to
exclude OpenSSH from the following buildworlds.
2. Patch your base system's ssh as described here:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:12.openssh.asc
You should also delete the port in order to prevent future confusion
3. Delete the ssh port, and re-install it with PREFIX=/usr. This will
overwrite your base system's ssh, but I don't know whether this solution
is supported, and I don't think that it is the cleanest one...
NO_OPENSSH=true in make.conf is of course also required.
I'd recommend to employ either option 1 or 2.
Regards,
Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: Digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030918/96870a4f/attachment.bin
More information about the freebsd-questions
mailing list