From owner-freebsd-current@FreeBSD.ORG Wed Apr 23 17:49:51 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AEDC037B401 for ; Wed, 23 Apr 2003 17:49:51 -0700 (PDT) Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id AD3B043FD7 for ; Wed, 23 Apr 2003 17:49:50 -0700 (PDT) (envelope-from des@ofug.org) Received: by flood.ping.uio.no (Postfix, from userid 2602) id CD8575308; Thu, 24 Apr 2003 02:49:48 +0200 (CEST) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Adam From: Dag-Erling Smorgrav Date: Thu, 24 Apr 2003 02:49:47 +0200 In-Reply-To: <1051119796.38751.30.camel@jake> (Adam's message of "23 Apr 2003 13:43:17 -0400") Message-ID: User-Agent: Gnus/5.090015 (Oort Gnus v0.15) Emacs/21.2 References: <1051119796.38751.30.camel@jake> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: freebsd-current@freebsd.org Subject: Re: HEADS UP: OpenSSH upgrade X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2003 00:49:52 -0000 Adam writes: > On Wed, 2003-04-23 at 13:29, Dag-Erling Smorgrav wrote: > > I've just upgraded OpenSSH to 3.6.1p1. Please exercise due care when > > upgrading, > Can you elaborate? IIRC, updating OpenSSH last time was a no-brainer. > What precautions should be taken? There is always a certain amount of risk, mostly because the number of combinations and variations supported by OpenSSH + PAM are far beyond my ability to test exhaustively (or do more than just scratch the surface). Standard precautions include not upgrading remote systems unless you can accept a slight chance that you will be locked out when it reboots (if something went wrong with sshd). DES -- Dag-Erling Smorgrav - des@ofug.org