Date: Mon, 1 Jul 2002 09:50:22 -0400 From: "Peter C. Lai" <sirmoo@cowbert.2y.net> To: "Jack L. Stone" <jackstone@sage-one.net> Cc: Scott Robbins <scottro@nyc.rr.com>, FreeBSD user <freebsd@XtremeDev.com>, Scott Gerhardt <scott@gerhardt-it.com>, FreeBSD <freebsd-questions@FreeBSD.ORG>, freebsd-security@FreeBSD.ORG Subject: Re: Sshd fix Message-ID: <20020701095022.A20329@cowbert.2y.net> In-Reply-To: <3.0.5.32.20020629192508.0117cc50@mail.sage-one.net>; from jackstone@sage-one.net on Sat, Jun 29, 2002 at 07:25:08PM -0500 References: <3.0.5.32.20020629173550.0117cc50@mail.sage-one.net> <B94260F8.FFB%scott@gerhardt-it.com> <3.0.5.32.20020629173550.0117cc50@mail.sage-one.net> <20020630004754.GA2600@scott1.homeunix.net> <3.0.5.32.20020629192508.0117cc50@mail.sage-one.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jun 29, 2002 at 07:25:08PM -0500, Jack L. Stone wrote: > At 07:47 PM 6.29.2002 -0500, Scott Robbins wrote: > >On Sat, Jun 29, 2002 at 05:35:50PM -0500, Jack L. Stone wrote: > >> At 07:07 PM 6.28.2002 -0600, FreeBSD user wrote: > >> >cd /usr/ports/security/openssh-portable && make -DOPENSSH_OVERWRITE_BASE > >> install distclean > >> > > >> I just ran this on a test box and the sshd version shows no change... I saw > >> it compile and install, but #sshd -V gives old version #... > >> > >> What did I do wrong here...?? > > > >BTW after the other Scott's post, I tried it his way--leaving out > >sshd_enable and sshd_program. Worked quite well--also, one reason I > >haven't done the overwrite option--as Jonathan said, won't that get > >clobbered next time you do make world? > > > >Interestingly enough, pkg-message suggests doing this--leaving > >sshd_enable at YES, adding sshd_program and then editing the path, (I > >assume root's) so that /usr/local/sbin comes before /usr/sbin. > >However, I've found the lazy man's way, which seems to be efficient as > >well, to be a combination of Jonathan's and the other Scott's. > > > >I realize this is not exactly what Jack is asking, but I'm wondering > >too--if one does the OVERWRITE, won't it get clobbered upon the next > >make world? > > > >Thanks > >Scott Robbins > >> > This is what worries me too. I deinstalled the ssh port right afterwards, > but I'm wondering what else is changed. I noticed it updated the > openssl-0.9.6a to 0.9.6d that I didn't expect. The /var/db/pkg shows that > "d" version installed. > > I'm running SSL on that machine and it still says 0.9.6.a when I load > Apache_modssl and OpenSSH, etc. But, NOW, I'm really worried that I shot > myself in the foot and this is waiting to bite me later. ssl for apache (both apache13-modssl and apache13-ssl) statically links openssl. If you want to upgrade your modssl to use the new openssl, you should recompile and reinstall it. > > If anyone knows the answer to what Scott said about the next make world > clobbering things, please let me know.... > > Best regards, > Jack L. Stone, > Administrator > > SageOne Net > http://www.sage-one.net > jackstone@sage-one.net > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology | Undergraduate Research Assistant http://cowbert.2y.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020701095022.A20329>