SSH Client - OpenSSH dependency problem
Nelis Lamprecht
nelis at 8ball.co.za
Fri Jul 23 03:51:34 PDT 2004
On Fri, 2004-07-23 at 08:26, Bryce wrote:
> Dependency warning: used OpenSSL version contains
> known vulnerabilities
> Please update or define either WITH_OPENSSL_BASE or
> WITH_OPENSSL_PORT
>
> Can anyone throw some light on how to fix this?
>
As already mentioned you can just use the base system ssh. If however
you want to upgrade it to a newer version ( advisable if this machine is
accessible to the public ) then you will have to do as the above says.
By default the base system contains openssl in /usr/bin and the openssl
port installs to /usr/local/bin. This is why you're given the option
WITH_OPENSSL_BASE, meaning /usr/bin/openssl or WITH_OPENSSL_PORT,
meaning /usr/local/bin/openssl. Basically it's saying, if you already
have an updated version in base or ports then tell me where it is.
The above is also applicable to openssh. To prevent yourself from
getting confused you could always do the following to both openssl and
openssh after installing/upgrading them from ports:
cd /usr/bin; mv openssl openssl.base; ln -s /usr/local/bin/openssl
openssl
..and the same with ssh which will make sure you always use the latest
version. By default your $PATH is set to use the base version. If you
are going to use the ports then you may also want to ensure the
following are defined in /etc/make.conf
NO_OPENSSH= true
NO_OPENSSL= true
Regards,
--
Nelis Lamprecht
PGP: http://www.8ball.co.za/pgpkey/nelis.asc
"Unix IS user friendly.. It's just selective about who its friends are."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040723/b27361c7/attachment.bin
More information about the freebsd-questions
mailing list