From owner-freebsd-questions@FreeBSD.ORG  Wed Sep 17 22:34:18 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7E94816A4B3
	for <freebsd-questions@FreeBSD.ORG>;
	Wed, 17 Sep 2003 22:34:18 -0700 (PDT)
Received: from alpha.tibor.org (117-5-237-24.gci.net [24.237.5.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C8F7E43FDD
	for <freebsd-questions@FreeBSD.ORG>;
	Wed, 17 Sep 2003 22:34:17 -0700 (PDT)	(envelope-from tibor@tibor.org)
Received: from localhost (localhost [127.0.0.1])
	by alpha.tibor.org (Postfix) with ESMTP
	id 455502109D; Wed, 17 Sep 2003 21:34:17 -0800 (AKDT)
Date: Wed, 17 Sep 2003 21:34:17 -0800 (AKDT)
From: Mike Tibor <tibor@tibor.org>
X-X-Sender: tibor@xena.mikey.net
To: Jon Reynolds <jonr@destar.net>
In-Reply-To: <1063843300.4701.38.camel@localhost.localdomain>
Message-ID: <20030917212546.H94957-100000@xena.mikey.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: FreeBSD List <freebsd-questions@FreeBSD.ORG>
Subject: Re: Patching SSH
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Sep 2003 05:34:18 -0000

On Wed, 17 Sep 2003, Jon Reynolds wrote:

> I have SSH installed with the base install of 4.7. I downloaded the
> patch and followed the directions: cd /usr/src - patch < /path/to/patch.
> when I issue that command it asks me which file I would like to patch I
> type in buffer.c and it tells me this file cannot be found. What file do
> I need to patch if not buffer.c?

Hi Jon,

I may not have done it the "correct" way, but what I did was to download
openssh-3.7.1p1 from ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
and build and install that:

tar zxf openssh-3.7.1*tar.gz
cd openssh-3.7.1*
./configure --with-md5-passwords --with-pam
make
su
make install

--with-md5-passwords *shouldn't* be necessary since we're using pam, but
I've found it necessary to include that on more than one system.  You can
always try it without and see if the resulting sshd will authenticate you
correctly, and if not include it when you rebuild it.

Note that this way will put stuff under /usr/local by default (which you
can always change of course), so any customizations you had to sshd_config
should be merged with the new /usr/local/etc/sshd_config.  Because of
this, I added the following in /etc/rc.conf:

  sshd_program="/usr/local/sbin/sshd"

Hope that helps,
Mike