Date: Thu, 17 Apr 2003 12:33:10 -0700 From: Doug Silver <dsilver@urchin.com> To: Charles Sprickman <spork@inch.com> Cc: stable@freebsd.org Subject: Re: Problem logging in after upgrade to 4.8-Stable Message-ID: <200304171232.48652.dsilver@urchin.com> In-Reply-To: <20030415204211.I6307@shell.inch.com> References: <200304151126.21202.dsilver@urchin.com> <200304151618.21167.dsilver@urchin.com> <20030415204211.I6307@shell.inch.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 15 April 2003 05:44 pm, Charles Sprickman wrote: > On Tue, 15 Apr 2003, Doug Silver wrote: > > Here's some more information that I realize is probably relevant. I've > > attempted to strip out the openssl/openssh out of the base system, > > including libcrypto and libssl so I can track it through the ports area. > > That would be the problem. You probably lack the crypto libs needed to > check the "old" users. The new users are probably using a different > encryption method in the password file. Look at /etc/master.passwd and > you should see a difference in the crypted password. > > As far as I know, you *can't* pull libcrypto out and replace it from ports > as there is no such port... I'm sure someone will correct me if I'm wrong > about that, but even if I am, it still sounds like a bad idea. > > Charles > libcrypto is part of the openssl port, perhaps you're thinking of libcrypt? I just figured out where I shot myself in the foot ;\ In my attempt to strip out libcrypto/libssl out of the build process I commented in "NOSECURE" and "NOCRYPTO" in /etc/make.conf -- and to ensure it, I removed the source. So, that is clearly the wrong thing to do. Is the preferred method, if I simply want to ensure that libcrypto and libssl are used from the openssl port, to remove & symlink them in /usr/lib? BTW -- I'm not concerned with the few binaries in the base system that are linked against these libs (e.g. pkg_sign, pkg_check). Or, is this a Pandora's box that I just shouldn't open (assuming the ports system recognizes the various "OPENSSL" settings in /etc/make.conf)? -doug
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200304171232.48652.dsilver>