From owner-freebsd-questions@FreeBSD.ORG  Tue Sep 16 12:10:45 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id ADD7F16A4B3
	for <freebsd-questions@freebsd.org>;
	Tue, 16 Sep 2003 12:10:45 -0700 (PDT)
Received: from mail3.panix.com (mail3.panix.com [166.84.1.74])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0F15043FD7
	for <freebsd-questions@freebsd.org>;
	Tue, 16 Sep 2003 12:10:45 -0700 (PDT)
	(envelope-from jester@panix.com)
Received: from panix2.panix.com (panix2.panix.com [166.84.1.2])
	by mail3.panix.com (Postfix) with ESMTP id 57D6998260
	for <freebsd-questions@freebsd.org>;
	Tue, 16 Sep 2003 15:10:44 -0400 (EDT)
Received: (from jester@localhost)
	by panix2.panix.com (8.11.6p2/8.8.8/PanixN1.1) id h8GJAhW19548
	for freebsd-questions@freebsd.org;
	Tue, 16 Sep 2003 15:10:43 -0400 (EDT)
Date: Tue, 16 Sep 2003 15:10:43 -0400
From: Jesse Sheidlower <jester@panix.com>
To: freebsd-questions@freebsd.org
Message-ID: <20030916191043.GA18846@panix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.1i
Subject: Re: Upgrading sshd?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Sep 2003 19:10:45 -0000

At 07:24 PM 9/16/03 +0300, you wrote:
>Hi all,
>
>Refering to the latest sshd vurnability 
>(http://slashdot.org/articles/03/09/16/1327248.shtml?tid=126&tid=172) I 
>was thinking of upgradeing my sshd as well. So I cvsup'ed my system (FBSD 
>4.8) and there seems to be a updated file for sshd. But how do I upgrade 
>sshd safly since when I type 'pkg_info |grep ssh' it return no packages. I 
>guess sshd is included somehow by the default install (??) but how can I 
>now upgrade it? I was thinking of portupgrade, but it needs a package to 
>upgrade...

There's a FreeBSD Security Advisory out that gives explicit details
on how to implement a fix for OpenSSH running as part of the core
system:

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03%3A12.openssh.asc

There seems to be a typo in one line; in the section on restarting sshd

(. /etc/rc.conf && ${sshd_program:-/usr/bin/sshd} ${sshd_flags})
                                        ^

should I think be sbin.

Jesse Sheidlower