updating system version of OpenSSH

greg at grokking.org greg at grokking.org
Fri Feb 25 20:15:10 GMT 2005

David Newman wrote:
> What is the procedure for patching/updating system
> version of OpenSSH on an FBSD 5.2.1 box?
> I used the excellent Rootkit Hunter security
> assessment tool:
> http://www.rootkit.nl/projects/rootkit_hunter.html
> and it found that I'm running OpenSSH 3.6.1p1, which
> has at least one vulnerability.
> I only know how to install/upgrade from ports. OpenSSH
> is part of the ports collection, but the build I'm
> running was included with the OS. 
> What's the right way to proceed here?
> thanks

Someone please correct me if I'm wrong on this but I believe rkhunter is 
just checking the version 3.6.1 and doesn't account for the 'p1' part 
which refers to a FBSD patch that corrected the vulnerability rkhunter 
is referring to.

IOW, I don't think you need to update ssh on 5.2.1 if your motive is 
merely that rkhunter flagged it.

To be sure, check the older security advisories at freebsd.org and I bet 
you'll find a reference to it.


More information about the freebsd-questions mailing list