Where is OpenSSH?
wacky at wacky.ws
Mon Mar 22 19:42:10 PST 2004
Openssh is part of the base system so you wont see it via pkg_info.
If you are looking to upgrade to a version other than what is in the
base system look at
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports-using.html. Once you are familiar with ports take a look in /usr/ports/security for a more recent release.
As far as security updates go take a look at
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/ for a list of
security advisories and details about patching them.
On 03/22/04 22:23:25, Miguel wrote:
> I have several RH-9 servers that I'd like to migrate to FreeBSD 4.9
> latter this year. So I put up a test 4.9 server to get fully
> acquainted before heading off to a new universe [grin].
> My Question: I read a CERT notification about the OpenSSH
> vulnerability (just a few days ago) so if needed, I'd like to apply
> an upgraded OpenSSH to the FreeBSD server. But when I went to the
> freebsd.org's errata page
> (http://www.freebsd.org/releases/4.9R/errata.html), I didn't see a
> reporting of the OpenSSH vulnerability.
> Is FreeBSD's OpenSSH not vulnerable then? (I guess not??)
> However... where is OpenSSH?
> After running cvsup and "make index && make readmes", I ran
> "pkg_version -v". The output showed that all of my installed
> programs were up to date with the ports (am I reading this right?).
> I ran "pkg_info" and there was no OpenSSH, only "OpenSSH-askpass".
> [BTW, here is my supfile]
> *default host=cvsup6.FreeBSD.org
> *default base=/usr
> *default prefix=/usr
> *default release=cvs tag=RELENG_4_9
> *default delete use-rel-suffix
> On my Redhat boxes I just run "apt-get" and the patched OpenSSH
> packages are right there.
> I'm fairly new at FreeBSD so please forgive my stumblings about :)
> Thank you,
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-
> unsubscribe at freebsd.org"
More information about the freebsd-questions