Date:      Wed, 28 Nov 2001 15:26:40 -0700
From:      Brett Glass <brett@lariat.org>
To:        "Jay Keller" <jaykeller4@hotmail.com>, freebsd-security@FreeBSD.ORG
Subject:   Re: Updating ssh
Message-ID:  <4.3.2.7.2.20011128151923.041d0710@localhost>
In-Reply-To: <F49Gmjm08IyFrydlb9r0001c375@hotmail.com>

At 03:07 PM 11/28/2001, Jay Keller wrote:
  
>I'm trying to update the ssh that is part of the base of 4.4. The latest version (after updating using cvs RELENG_4) is openssh-2.9 shown with /usr/bin/ssh -V. Openssh 3.0.x is available via ports or packages and is set to be installed to /usr/local/whatever.  What is the correct way to update ssh?  Do I go through and delete all of the original ssh files in /usr/bin, /etc, the man pages, and so on and then just install the version 3x package? Or should I use the port and somehow change the install dir to something to match the original or just use /usr/local?

This reflects a common problem in FreeBSD. When you install a port or 
compile a newer version of an application which is included in the base 
install, it usually goes into /usr/local, so the system keeps on using 
the old version (which is ahead of the newer one in the path). What's 
more, the configuration files are often required to be in different 
places. FreeBSD uses /etc/ssh for SSH configuration files, while by 
default OpenSSH dumps them into /usr/local/etc.

When I recently upgraded SSH on a few systems, it was a painful process
that took a LOT of manual editing. To keep the original host keys, I
had to delete the new keys generated by the install. I symlinked the
files back into /etc/ssh and also added a -f command line argument for
SSH to rc.conf, just for good measure. I also deleted the old SSH utilities
from /usr/bin and replaced them with symlinks leading to /usr/local/bin.

Upgrading Perl or Sendmail is equally painful. (I recently had to build
a threaded version of Perl.... Not hard to build, but a MESS to get
installed.)

Perhaps FreeBSD should put these things in /usr/local from the get-go?

--Brett
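
The shadowing described in the message (a base copy in /usr/bin found before a port copy in /usr/local/bin) can be checked with a short script. This is an added example, not part of the original e-mail; the function names `path_copies` and `is_shadowed` and the temporary sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message).
# path_copies NAME [PATH_STRING]
#   Lists every executable called NAME on the search path, in lookup order.
#   The first hit is what the shell runs ("active"); later hits are "shadowed".
#   PATH_STRING defaults to $PATH. Runs in a subshell so IFS and globbing
#   changes do not leak into the caller.
path_copies() (
    name=$1
    search=${2:-$PATH}
    state=active
    IFS=:
    set -f
    for dir in $search; do
        [ -n "$dir" ] || dir=.    # an empty PATH element means the current directory
        if [ -f "$dir/$name" ] && [ -x "$dir/$name" ]; then
            printf '%s %s\n' "$state" "$dir/$name"
            state=shadowed
        fi
    done
)

# is_shadowed NAME NEW_DIR [PATH_STRING]
#   Exit 0 when NEW_DIR/NAME exists but a directory earlier on the path wins.
is_shadowed() (
    active=$(path_copies "$1" "$3" | sed -n '1s/^active //p')
    [ -x "$2/$1" ] && [ "$active" != "$2/$1" ]
)

# Constructed sample tree mirroring the layout in the message: a base copy in
# usr/bin and a port copy in usr/local/bin (both are empty stand-in files).
demo=$(mktemp -d)
mkdir -p "$demo/usr/bin" "$demo/usr/local/bin"
: > "$demo/usr/bin/ssh"
: > "$demo/usr/local/bin/ssh"
chmod +x "$demo/usr/bin/ssh" "$demo/usr/local/bin/ssh"
demo_path="$demo/usr/bin:$demo/usr/local/bin"

path_copies ssh "$demo_path"
is_shadowed ssh "$demo/usr/local/bin" "$demo_path" && echo "port copy is shadowed"
rm -rf "$demo"
```

On a real host, `path_copies ssh` and `path_copies sshd` with no second argument report against the live `$PATH`, which shows whether an upgraded copy is actually the one being run.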

