From owner-freebsd-questions@FreeBSD.ORG Sun Feb 27 15:44:06 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F2F5816A4DB for ; Sun, 27 Feb 2005 15:44:05 +0000 (GMT) Received: from mail25.sea5.speakeasy.net (mail25.sea5.speakeasy.net [69.17.117.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id B326343D2D for ; Sun, 27 Feb 2005 15:44:05 +0000 (GMT) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: (qmail 15434 invoked from network); 27 Feb 2005 15:44:05 -0000 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail25.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 27 Feb 2005 15:44:05 -0000 Received: by be-well.ilk.org (Postfix, from userid 1147) id 529B681; Sun, 27 Feb 2005 10:44:04 -0500 (EST) Sender: lowell@be-well.ilk.org To: wo_shi_big_stomach References: <20050227013552.66030.qmail@web41607.mail.yahoo.com> From: Lowell Gilbert Date: 27 Feb 2005 10:44:04 -0500 In-Reply-To: <20050227013552.66030.qmail@web41607.mail.yahoo.com> Message-ID: <44ll9ahut7.fsf@be-well.ilk.org> Lines: 43 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: freebsd-questions@freebsd.org Subject: Re: updating system version of OpenSSH X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Feb 2005 15:44:06 -0000 wo_shi_big_stomach writes: > Phil Schulz wrote: > > > If you can't afford to upgrade the base OS and you do not want to > > install OpenSSH from the ports > > Sorry, I wasn't clear. I have no problem installing or > upgrading OpenSSH from ports. Indeed, that's all I > know how to do. It's generally the best option for people who need to upgrade to the latest version string, such as for satisfying corporate security "experts". Beyond that, the only real use of ports upgrades is for people who insist on staying with older base versions. > My question is how to upgrade OpenSSH as included with > 5.2.1. If a ports install will do this, great. It will. > The more general question is how to upgrade system > software, especially in cases where it's not included > in the ports collection. There are several answers, but the usual one is to update the entire base system. FreeBSD is designed to be a complete operating system, rather than to be updated piecemeal; the advantage is that you don't have to worry about dependencies between the pieces, but the disadvantage is that, well, you have to update everything at once. In the case of people still running 5.2.1, I'd definitely recommend updating the whole thing -- after all, 5.2.1 wasn't recommended for production use at the time it was released, and 5.3 was. Another answer is the FreeBSD-update port (security/freebsd-update), but it doesn't support custom kernels. If you're updating because of a security problem that had a security advisory issued for it, then the advisory will generally include patches and directions for applying and building them. Doing this for arbitrary sets of code updates is usually possible, but difficult for anyone who doesn't have developer-level understanding of source code control. Good luck.