LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-13-2003, 12:04 PM   #1
joesbox
Member
 
Registered: Feb 2003
Location: hampton va
Distribution: ubuntu
Posts: 502

Rep: Reputation: 30
need help upgrading openssh 3.7.1p1.*rpm


i am in dire need of upgrading my openssh. my lan shop has pinged my puter with having unsecure ssh and they want me to have 3.7.1p1. i went to the RH site and found 3.1p1-13.i386.rpm for RH7.1(the server i want to upgrade)
now if this will create the same patches as 3.7.1p1 then that is all fine and dandy but my lan shop only worries about numbers. if they don't get 3.7* then i will be locked out of the system until i get the upgrade that they want.

when i try and upgrade my RH9 server i get dependencies problems
Code:
#rpm -Uvhi openssh.new.rpm
openssh-server.old requires openssh.old.rpm
openssh-client.old requires   openssh.old.rpm
openssh-askpass.old requires openssh.old.rpm
openssh-askpass-gnome.old requires openssh.old.rpm
when i try and upgrad the new sshd or client or askpass's i get that they require openssh.new.rpm

what can i do???
 
Old 10-13-2003, 12:31 PM   #2
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Download the source from openssh.org and compile? By the way, it should be OpenSSH 3.7.1p2 I think.
 
Old 10-13-2003, 12:39 PM   #3
joesbox
Member
 
Registered: Feb 2003
Location: hampton va
Distribution: ubuntu
Posts: 502

Original Poster
Rep: Reputation: 30
when i did that it left the sshd alone. i checked the sshd version from another box by doing this

Code:
ssh -v <insert ip of interested box>
and i got this
Code:
# ssh -v 127.0.0.1
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to *.*.*.* [*.*.*.*] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.2p2
debug1: match: OpenSSH_2.5.2p2 pat OpenSSH_2.5.0*,OpenSSH_2.5.1*,OpenSSH_2.5.2*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.5p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 131/256
debug1: bits set: 1047/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host '*.*.*.* (*.*.*.*)' can't be established.
RSA key fingerprint is 8a:e6:07:8b:64:70:19:28:3b:fa:3c:25:f0:21:e1:ac.
Are you sure you want to continue connecting (yes/no)?
all * are to keep secure my ip but it is the RH7.1 box
 
Old 10-13-2003, 01:14 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,285
Blog Entries: 54

Rep: Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854
"rpm -qa | grep -ie openssh" and upgrade all those rpm's.
Sshd is in openssh-server-3.7.1p2-1.i386.rpm.
 
Old 10-13-2003, 01:29 PM   #5
joesbox
Member
 
Registered: Feb 2003
Location: hampton va
Distribution: ubuntu
Posts: 502

Original Poster
Rep: Reputation: 30
update******
i was able to upgrade the rh9 server. all i got to do is upgrade about a few hundred packages for the rh7.1 server that the new openssh depends on. thanks for everything guys/gals. thanks for the help.

oh yeah, what was the fix?? i was trying to
Code:
rpm -Uvh 

'instead of '

rpm -Fvh
the rpms.
 
Old 10-13-2003, 02:36 PM   #6
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
If you really did make install for the openssh source, look to see where it put the binaries. Likely they're in /usr/local/bin rather than the normal location. All you had to do was change your Sys V init script to point to the new binary. On my systems where I built from source, I actually moved all the old binaries to a backup directory and symlinked the old location to the new binaries.

You will of course need to stop and start the service after installing the new binaries that you compiled.
 
Old 03-16-2004, 04:11 PM   #7
Easyrider
LQ Newbie
 
Registered: Mar 2004
Location: Portland, Oregon
Distribution: Red Hat 7.3
Posts: 2

Rep: Reputation: 0
I am having the same problems as the OP. I suppose I could download and compile the latest which is what I will probably do if I can't get the RPM approach to work. My servers are 15 miles away in colo so it's always risky fooling with ssh.

I am currently at openssh 3.1p1 on RH 7.3. I downloaded the 3.7p1 srpm and it seemed to rebuild ok. But when I tried to rpm -Fvh the rpm file, I got complaints about dependencies for a lot of 3.1p - 14 stuff.

I came out of a Solaris environment so I am pretty new with rpms. My guess is that I am overlooking something pretty basic.

TIA!
 
Old 03-16-2004, 08:27 PM   #8
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Quote:
Originally posted by joesbox
update******
i was able to upgrade the rh9 server. all i got to do is upgrade about a few hundred packages for the rh7.1 server that the new openssh depends on. thanks for everything guys/gals. thanks for the help.

oh yeah, what was the fix?? i was trying to
Code:
rpm -Uvh 

'instead of '

rpm -Fvh
the rpms.
You need to use -Uvh, see above.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Upgrading from an older version of openssh afruto Linux - Security 4 10-01-2004 11:27 AM
ssh 3.9.1p1 rpm? jjohnston62 Red Hat 0 09-02-2004 10:32 PM
Upgrading OpenSSH in RH 7.3? german Linux - Software 1 10-05-2003 02:25 PM
OpenSSH-3.7.1p1 compilation error (bsd-compat) keex Linux - Software 1 10-01-2003 01:13 PM
upgrading to openssh 3.5 cuss Linux - Security 8 12-12-2002 11:08 AM


All times are GMT -5. The time now is 03:00 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration