From owner-freebsd-questions Wed Jun 26 19:24:10 2002 Delivered-To: freebsd-questions@freebsd.org Received: from nycsmtp2out.rdc-nyc.rr.com (nycsmtp2out.rdc-nyc.rr.com [24.29.99.227]) by hub.freebsd.org (Postfix) with ESMTP id 9C7C137B40A for ; Wed, 26 Jun 2002 19:24:05 -0700 (PDT) Received: from despammed.com (66-108-172-188.nyc.rr.com [66.108.172.188]) by nycsmtp2out.rdc-nyc.rr.com (8.12.1/Road Runner SMTP Server 1.0) with SMTP id g5R2N5YV015589; Wed, 26 Jun 2002 22:23:05 -0400 (EDT) Date: Wed, 26 Jun 2002 22:24:08 -0500 From: Scott Robbins To: Lord Raiden Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Wrong ssh upgraded Message-ID: <20020627032408.GA3892@scott1.homeunix.net> Mail-Followup-To: Lord Raiden , freebsd-questions@FreeBSD.ORG References: <4.2.0.58.20020626212637.0095cb30@pop.netzero.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4.2.0.58.20020626212637.0095cb30@pop.netzero.net> User-Agent: Mutt/1.4i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jun 26, 2002 at 09:29:55PM -0400, Lord Raiden wrote: > Hi all. I got a problem. Ran the install for openssh to > upgrade it, well it didn't upgrade the right one. I'm using > /usr/sbin/sshd instead of what some others are using which is > /usr/local/sbin/sshd. The one that boots on my machines by default is > /usr/sbin/sshd > > The one that was upgraded of course was the other > one. /usr/local/sbin/sshd I'd like to if possible also upgrade the > /usr/sbin/sshd one as well. I posted one method and Jonathan Chen posted a better one. His is this--in /etc/rc.conf add the line sshd_program="/usr/local/sbin/sshd" I found that for this to work, I first had to set sshd_enable=NO in rc.conf (otherwise, the startup scripts will run the /usr/sbin one. Also, you'll see that you have a new file in /usr/local/etc/rc.d called sshd.sh.sample, change it sshd.sh The other things have been mentioned, I believe--be sure that the PrivilegeSeparation is set to yes, and change the default ChallengeResponse yes to a no. You may or may not (by the time I tried Jonathan's method, I'd already made the directory, so don't know if it'll complain otherwise) have to do a mkdir /var/empty To replace the /usr/sbin (this was the way I did it at first, which did work) you can simply copy over the /usr/local/sbin/sshd to /usr/sbin/sshd--also copy the /usr/local/etc/ssh/sshd_config to /etc/ssh/ That will work. In that case, I guess you wouldn't have to mess with your /etc/rc.conf but could let it start normally. One thing--I did find, after using Jonathan's method that a which sshd would still answer /usr/sbin/sshd. It also, when I did sshd -V give me the old version number, even though a ps ax | grep sshd showed me that the /usr/local/sbin one was the one that was running. When, experimenting, I simply renamed the /usr/sbin/sshd it then gave me the correct version number. Hope this helps Scott Robbins To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message