Date: Mon, 19 Jul 2004 20:39:05 +0100 From: "Vince" <jhary@unsane.co.uk> To: "'Ray Seals'" <rseals@vdsi.net>, "'freebsd-questions@FreeBSD.org'" <freebsd-questions@freebsd.org> Subject: RE: Nessus scan of FreeBSD 5.2.1 shows old version of ssh Message-ID: <200407191938.i6JJcoMQ062073@unsane.co.uk> In-Reply-To: <1090257278.579.9.camel@mgl.magellanhealth.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Well if you realy want the latest openssh install openssh from ports (portinstall openssh or portinstall openssh-portable) you will have to use portable to build with pam if I remember rightly. The version in the base system does not actualy have the vulnerability Nessus is refering to as it was patched umm 2003-10-05 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:15.openssh.a sc In terms of gotchas there arent many, Read /usr/ports/security/openssh(-portable)/pkg-message And unless you use the OPENSSH_OVERWRITE_BASE option I think you may have to manualy move your existing hostkeys to /usr/local/etc and re-edit the new Config files (I could be wrong here as it's a while since I bothered changing from the version in base) Vince > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Ray Seals > Sent: 19 July 2004 18:15 > To: freebsd-questions@FreeBSD.org > Subject: Nessus scan of FreeBSD 5.2.1 shows old version of ssh > > I just ran a Nessus scan against one of my machines. The > scan triggered on a version of ssh older than 3.7.1. > > I ran /usr/bin/ssh -v and found that I have version 3.6.1p1. > I'm looking for the best way to upgrade this. Can I just > install and run 'portupgrade' on SSH? What are some of the > "gotcha" points on doing this? > > -- > Ray Seals <rseals@vdsi.net> > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200407191938.i6JJcoMQ062073>