Date: Sat, 25 Mar 2006 21:30:03 -0600 From: Mark Kane <mark@mkproductions.org> To: freebsd-questions@freebsd.org Subject: Re: running ports openssh instead of the base Message-ID: <44260ABB.7020103@mkproductions.org> In-Reply-To: <20060326032111.GD12075@tigger.digitaltorque.ca> References: <20060326032111.GD12075@tigger.digitaltorque.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael P. Soulier wrote: > Hi there, > > If I want to use the openssh from ports to replace the one from the base, > after building and installing it, so I need to do anything special in rc.conf > to specify that I'd like that one run instead of sshd from the base? > > Thanks, > Mike > Hi. From /usr/ports/security/openssh/pkg-message ------------------------------------- To enable this port, please add sshd_program=/usr/local/sbin/sshd and make sure sshd_enable is set to YES in your /etc/rc.conf You may also want to put NO_OPENSSH= true in your /etc/make.conf and make sure your path is setup to /usr/local/bin before /usr/bin so that you are running the port version of openssh and not the version that comes with FreeBSD 'PermitRootLogin no' is the new default for the OpenSSH port. This now matches the PermitRootLogin configuration of OpenSSH in the base system. Please be aware of this when upgrading your OpenSSH port, and if truly necessary, re-enable remote root login by readjusting this option in your sshd_config. Users are encouraged to create single-purpose users with ssh keys and very narrowly defined sudo privileges instead of using root for automated tasks. ------------------------------------- HTH -Mark -- GnuPG Public Key: http://www.mkproductions.org/mk_pubkey.asc Internet Radio: Party107 (Trance/Electronic) - http://www.party107.com Rock 101.9 The Edge (Rock) - http://www.rock1019.net IRC: MIXXnet IRC Network - irc.mixxnet.net (Nick: MIXX941)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44260ABB.7020103>