Date: Sat, 29 Jun 2002 19:25:08 -0500 From: "Jack L. Stone" <jackstone@sage-one.net> To: Scott Robbins <scottro@nyc.rr.com> Cc: FreeBSD user <freebsd@XtremeDev.com>, Scott Gerhardt <scott@gerhardt-it.com>, FreeBSD <freebsd-questions@FreeBSD.ORG>, freebsd-security@FreeBSD.ORG Subject: Re: Sshd fix Message-ID: <3.0.5.32.20020629192508.0117cc50@mail.sage-one.net> In-Reply-To: <20020630004754.GA2600@scott1.homeunix.net> References: <3.0.5.32.20020629173550.0117cc50@mail.sage-one.net> <B94260F8.FFB%scott@gerhardt-it.com> <3.0.5.32.20020629173550.0117cc50@mail.sage-one.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 07:47 PM 6.29.2002 -0500, Scott Robbins wrote: >On Sat, Jun 29, 2002 at 05:35:50PM -0500, Jack L. Stone wrote: >> At 07:07 PM 6.28.2002 -0600, FreeBSD user wrote: >> >cd /usr/ports/security/openssh-portable && make -DOPENSSH_OVERWRITE_BASE >> install distclean >> > >> I just ran this on a test box and the sshd version shows no change... I saw >> it compile and install, but #sshd -V gives old version #... >> >> What did I do wrong here...?? > >BTW after the other Scott's post, I tried it his way--leaving out >sshd_enable and sshd_program. Worked quite well--also, one reason I >haven't done the overwrite option--as Jonathan said, won't that get >clobbered next time you do make world? > >Interestingly enough, pkg-message suggests doing this--leaving >sshd_enable at YES, adding sshd_program and then editing the path, (I >assume root's) so that /usr/local/sbin comes before /usr/sbin. >However, I've found the lazy man's way, which seems to be efficient as >well, to be a combination of Jonathan's and the other Scott's. > >I realize this is not exactly what Jack is asking, but I'm wondering >too--if one does the OVERWRITE, won't it get clobbered upon the next >make world? > >Thanks >Scott Robbins >> This is what worries me too. I deinstalled the ssh port right afterwards, but I'm wondering what else is changed. I noticed it updated the openssl-0.9.6a to 0.9.6d that I didn't expect. The /var/db/pkg shows that "d" version installed. I'm running SSL on that machine and it still says 0.9.6.a when I load Apache_modssl and OpenSSH, etc. But, NOW, I'm really worried that I shot myself in the foot and this is waiting to bite me later. If anyone knows the answer to what Scott said about the next make world clobbering things, please let me know.... Best regards, Jack L. Stone, Administrator SageOne Net http://www.sage-one.net jackstone@sage-one.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.20020629192508.0117cc50>