Date: Wed, 12 May 2010 17:22:54 -0400 From: "Peter C. Lai" <peter@simons-rock.edu> To: Matthieu Michaud <michaud.matthieu@gmail.com> Cc: stable@freebsd.org Subject: Re: OpenSSH 5.4 bug fixed in 5.5 Message-ID: <20100512212254.GQ56212@cesium.hyperfine.info> In-Reply-To: <4BEB1298.80408@nxdomain.fr> References: <4BEB1298.80408@nxdomain.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
Or install the version from ports and deactivate the base version...
On 2010-05-12 10:42:00PM +0200, Matthieu Michaud wrote:
> I would like to share a solution of a problem I faced with the current
> version of OpenSSH in 8-STABLE (5.4p1).
>
> Last upgrade of my system updated OpenSSH from 5.2p1 to 5.4p1 which has a
> regression for those using a non-default AuthorizedKeysFile option set to a
> relative path (".ssh/keys" in my case). If you are using the default you
> are not affected.
>
> As I had authentication mechanism restricted to public keys and this
> parameter expands to //.ssh/keys with the regression I wasn't able to
> access my server after restart.
>
> It's fixed in 5.5p1 which is not yet imported in the 8-STABLE branch.
>
> To get back this option working you either have to wait for 5.5p1 merge to
> 8-STABLE, install it yourself or import the following patch from the vendor
> and rebuild sshd. I opted for the last solution. Here's how I did it :
>
> cd /usr/src/crypto/openssh
>
> fetch -o -
> 'http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c.diff?r1=1.207;r2=1.204'
> | patch
>
> cd /usr/src/secure/usr.sbin/sshd
> make obj depend
> make all
> make install
>
> Hope it helps,
> Matthieu
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
--
===========================================================
Peter C. Lai | Bard College at Simon's Rock
Systems Administrator | 84 Alford Rd.
Information Technology Svcs. | Gt. Barrington, MA 01230 USA
peter AT simons-rock.edu | (413) 528-7428
===========================================================
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100512212254.GQ56212>