Date: Fri, 23 Jul 2004 12:51:44 +0200 From: Nelis Lamprecht <nelis@8ball.co.za> To: Bryce <brycemott@yahoo.com> Cc: Freebsd questions <freebsd-questions@freebsd.org> Subject: Re: SSH Client - OpenSSH dependency problem Message-ID: <1090579890.7539.29.camel@nelis.brabys.co.za> In-Reply-To: <20040723062628.98792.qmail@web11601.mail.yahoo.com> References: <20040723062628.98792.qmail@web11601.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-NLKonkNVJpc8OIK0PS8u Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Fri, 2004-07-23 at 08:26, Bryce wrote: > Dependency warning: used OpenSSL version contains > known vulnerabilities > Please update or define either WITH_OPENSSL_BASE or > WITH_OPENSSL_PORT >=20 > Can anyone throw some light on how to fix this? >=20 As already mentioned you can just use the base system ssh. If however you want to upgrade it to a newer version ( advisable if this machine is accessible to the public ) then you will have to do as the above says. By default the base system contains openssl in /usr/bin and the openssl port installs to /usr/local/bin. This is why you're given the option WITH_OPENSSL_BASE, meaning /usr/bin/openssl or WITH_OPENSSL_PORT, meaning /usr/local/bin/openssl. Basically it's saying, if you already have an updated version in base or ports then tell me where it is. The above is also applicable to openssh. To prevent yourself from getting confused you could always do the following to both openssl and openssh after installing/upgrading them from ports: cd /usr/bin; mv openssl openssl.base; ln -s /usr/local/bin/openssl openssl ..and the same with ssh which will make sure you always use the latest version. By default your $PATH is set to use the base version. If you are going to use the ports then you may also want to ensure the following are defined in /etc/make.conf NO_OPENSSH=3D true NO_OPENSSL=3D true Regards, --=20 Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc "Unix IS user friendly.. It's just selective about who its friends are." --=-NLKonkNVJpc8OIK0PS8u Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQBBAO2yQfIMKiRMCrERAnJiAJ9A+HthT9KbnXJZiE74dYONFh+coQCgtS13 TvQjOUG36f0e3/GCTKiRNdM= =Wjdu -----END PGP SIGNATURE----- --=-NLKonkNVJpc8OIK0PS8u--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1090579890.7539.29.camel>