Updating OpenSSH

Chris chrcoluk at gmail.com
Sun Feb 26 15:32:35 PST 2006

On 26/02/06, Erik Nørgaard <norgaard at locolomo.org> wrote:
> Daniel A. wrote:
> > So, basically, if I want the newest version of OpenSSH running on my
> > system, I have to not use the one shipped with 6.0-RELEASE, and
> > install OpenSSH from ports?
> Please don't toppost.
> Installing from ports you'll get version 3.6.1. Before you get paranoid,
> check the changelog - are there any changes that you actually need? do
> they provide increased security?
> Cheers, Erik
> --
> Ph: +34.666334818                           web: http://www.locolomo.org
> S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
> Subject ID:  A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
> Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2
> _______________________________________________

I use the openssh-portable there is one change regarding compression that
fixes a security problem that wasnt ported over to the security branch and
another security flaw which I believe made it to a security list but I
cannot remember which one.  Again this didnt make the security branch.  I
also think its a good idea to keep upto date incase they patch up
unpublished vulnerabilities that they keep private.  Regarding stopping
users running base version there are a few ways to do it ranging from
deleting the base binaries and disabling it in make.conf so doesnt get
rebuilt on a buildworld to making sure /usr/local/bin comes before the
/usr/bin in path so when ssh is typed the portable version is ran.


More information about the freebsd-questions mailing list