Date: Thu, 25 Jan 2001 02:36:05 -0800 From: "Scott Raymond" <scott@link-net.com> To: "Peter Pentchev" <roam@orbitel.bg> Cc: "Me" <xride@www-student.eit.ihk.dk>, <freebsd-security@freebsd.org> Subject: RE: OpenSSH b0rked (was RE: Problems with IPFW patch) Message-ID: <FDEEKLDJMPFBCBKOEEINOEJECKAA.scott@link-net.com> In-Reply-To: <20010125114228.B578@ringworld.oblivion.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
Just did that as per your suggestion. I did a "mergemaster -a -i", and followed the instructions in the FreeBSD handbook for updating /dev and /stand. Seems to have worked out pretty well, and everything is up to date. -- Scott ======================= Scott Raymond http://soundamerica.com ======================= > -----Original Message----- > From: owner-freebsd-security@FreeBSD.ORG > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Peter Pentchev > Sent: Thursday, January 25, 2001 1:42 AM > To: Scott Raymond > Cc: Me; freebsd-security@freebsd.org > Subject: Re: OpenSSH b0rked (was RE: Problems with IPFW patch) > > > You'd be better off running mergemaster anyway, after (or before) > EVERY world build/install cycle. Now God only knows how far your /etc > has strayed from the updated one, and how many programs may break or > malfunction in subtle ways :) > > G'luck, > Peter > > -- > What would this sentence be like if pi were 3? > > On Thu, Jan 25, 2001 at 01:25:08AM -0800, Scott Raymond wrote: > > I had kept that in mind before I did so. In fact, the > research I did > > suggested that I compare the file from the source tree and > the existing > > one in /etc and make changes to the one in /etc. I discovered that > > instead of editing the old one, it was simply easier to > just copy the > > file over from the source path since the only difference was the > > addition of sshd entries. > > > > -- > > Scott > > ======================= > > Scott Raymond > > http://soundamerica.com > > ======================= > > > > > > > -----Original Message----- > > > From: owner-freebsd-security@FreeBSD.ORG > > > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Me > > > Sent: Thursday, January 25, 2001 1:07 AM > > > To: freebsd-security@freebsd.org > > > Subject: Re: OpenSSH b0rked (was RE: Problems with IPFW patch) > > > > > > > > > > > > Use mergemaster .. > > > > > > I find's it to risky to just do a blind copy.. > > > > > > Soren. > > > > > > On Wed, Jan 24, 2001 at 10:50:54PM -0800, Scott Raymond wrote: > > > > Yes, once I was finished I ran into the same problem. I > > > did a bit of > > > > research - copy /usr/src/etc/pam.conf to /etc/pam.conf > - overwriting > > > > your old one. That fixed it for me - and all that was > > > needed for the > > > > fix was the config file. No reboots or restarting sshd > necessary. > > > > > > > > -- > > > > Scott > > > > ======================= > > > > Scott Raymond > > > > http://soundamerica.com > > > > ======================= > > > > > > > > > > > > > -----Original Message----- > > > > > From: Scott Hilton [mailto:kupek@earthlink.net] > > > > > Sent: Wednesday, January 24, 2001 7:32 PM > > > > > To: scott@link-net.com > > > > > Subject: RE: OpenSSH b0rked (was RE: Problems with IPFW patch) > > > > > > > > > > > > > > > hey, I just got another error when trying to log into sshd... > > > > > getting "no > > > > > modules loaded for 'sshd' service" and "fatal: PAM session > > > > > setup failed(6): > > > > > Permission denied" > > > > > > > > > > Let me know if you get the same thing... > > > > > > > > > > > > > > > -----Original Message----- > > > > > From: Scott Raymond [mailto:scott@link-net.com] > > > > > Sent: Wednesday, January 24, 2001 7:10 PM > > > > > To: Scott Hilton; freebsd-security@freebsd.org > > > > > Subject: RE: OpenSSH b0rked (was RE: Problems with IPFW patch) > > > > > > > > > > > > > > > Oh, crap. That's EXACTLY what was happening. > > > > > > > > > > Looks like it's time for another compile. Duh. > > > > > > > > > > -- > > > > > Scott > > > > > ======================= > > > > > Scott Raymond > > > > > http://soundamerica.com > > > > > ======================= > > > > > > > > > > > > > > > > -----Original Message----- > > > > > > From: Scott Hilton [mailto:kupek@earthlink.net] > > > > > > Sent: Wednesday, January 24, 2001 6:36 PM > > > > > > To: scott@link-net.com; freebsd-security@freebsd.org > > > > > > Subject: RE: OpenSSH b0rked (was RE: Problems with > IPFW patch) > > > > > > > > > > > > > > > > > > What's wrong with OpenSSH? The only problem I encountered > > > > > > with it was the > > > > > > following message when trying to start it: > > > > > > > > > > > > fatal: ConnectionsPerPeriod has been deprecated > > > > > > > > > > > > > > > > > > I was looking around for a few minutes, and found > the following: > > > > > > > > > > > > > > > ================================================================= > > > > > > = Changes from previous versions > > > = > > > > > > > > > ================================================================= > > > > > > > > > > > > 2.3.0: > > > > > > We link with OpenSSL 0.9.6 now. > > > > > > > > > > > > Diffs from the FreeBSD version are not distributed right > > > > > > now (but will be). > > > > > > > > > > > > ConnectionsPerPeriod is currently not integrated. > > > > > > Consider using MaxStartups instead. If you still need > > > > > > ConnectionsPerPeriod, bug me and I may do it. > > > > > > > > > > > > > > > > > > I commented out ConnectionsPerPeriod in /etc/ssh/sshd_config > > > > > > and sshd loaded > > > > > > without any problems. > > > > > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > > > > > Yeah, now if I could just figure out what was wrong > > > with the openssh > > > > > > implementation in the core system. Openssh (ports tree > > > > > > version) has an > > > > > > annoying install sequence - you can't define where it gets > > > > > > installed, so > > > > > > the files get installed to the hard-coded directory > > > tree /usr/local. > > > > > > The non-working core system one normally installs sshd to > > > > > > /usr/sbin and > > > > > > the config files to /etc/ssh. > > > > > > > > > > > > What bugs me is that when this gets fixed it's going to > > > > > take another 4 > > > > > > hours of compiling and installing. > > > > > > > > > > > > Bah. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FDEEKLDJMPFBCBKOEEINOEJECKAA.scott>