scottro at nyc.rr.com
Fri Sep 24 08:50:59 PDT 2004
On Fri, Jun 28, 2002 at 06:52:40PM -0600, Scott Gerhardt wrote:
> For the sshd fix, could't I just strip the base openssh from the system and
> install the updated openssh-3.4 from the ports?
> If so, what is the best method to disable/eliminate openssh from the base
This is what I did, and it seems to work. (I'd be grateful if someone
pointed out anything I did wrong. Part of it was gotten from a post
by someone else, and the rest I figured out, for better or worse, on
cvsup ports to make sure you have 3.4.
Change enable_sshd="YES" to a "NO"
add the line
In /usr/local/etc/rc.d you'll find that it's put a script called
sshd.sh.sample. Rename that to sshd.sh
You've probably seen the various advisories that suggest taking the
ChallengeResponse line and changing it to no (and uncomment it as
Lastly, until I renamed /usr/sbin/sshd, it kept giving me the old
version number--so, stop sshd, and rename /usr/sbin/sshd to something
else. Then, start the new one
This seems to work.
To Unsubscribe: send mail to majordomo at FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
More information about the freebsd-questions