Re: Portable openssh.

From: Neil Horman (nhorman_at_rNeOdShPaMt.com)
Date: 10/03/03


Date: Fri, 03 Oct 2003 09:08:32 -0400

Gladiator wrote:
> I hope someone can help me to understand one thing. :)
> What´s the difference between openssh from RedHat and from www.openssh.org?
> I have installed a portable openssh 3.5p1-1.rpm on RedHat 7.3 and it was a
> year ago.
> Now I want to update the latest openssh with openssh-3.1p1-14.i386.rpm från
> RedHat Network.
>
> If you look at the version number it lower then the one I have installed, am
> I upgrading or downgrading?
> Whats the difference? Could anyone tell me or give a tips on a websites that
> have this information for a newbie like me.
>
> I did install the openssh-3.1p1-14.i386.rpm anyway on my server and it did
> install new sshd_config.rpmnew.
> But I restarted sshd without changing the sshd_config and I got following
> errors on these options:
> UsePrivilegeSeparation
> KerberosAuthentication
> KerberosOrLocalPasswd
> KerberosTicketCleanup
>
> Is my server more secure after the upgrade?
>
> Billy
>
>
>
Why did you install an openSSH rpm from Red Hat 9 on a 7.3 system?
Regardless, version wise this new package does two things for you. The
patch level includes security fixes as recently as (I think) last month,
so on the whole your system is more secure. However, since it is an
older version than what you currently have, its missing some more recent
features, hence the sshd_config errors you're seening above.

My recommendation: Either 1) reconfig sshd to use the 3.1p14 package and
don't install rpms from other relases in the future, or 2) if you want
the latest and greatest and can do without Red Hat support, just compile
the thing yourself from openssh.org every time an errata is released
(about once a week these days :) )

HTH
Neil

-- 
/***************************************************
  *Neil Horman
  *Software Engineer
  *Red Hat, Inc., www.redhat.com
  *gpg keyid: 1024D / 0x92A74FA1
  *http://www.keyserver.net
  ***************************************************/


Relevant Pages

  • Re: I have installed Red Hat Enterprise illegally!
    ... >> Red Hat from the net. ... so I visited my local bookshop to purchase a book on Linux. ... What Redhat does own is their logos and the name Redhat. ... >is install your new distro in the same partition that you installed RHEL. ...
    (alt.os.linux.redhat)
  • Re: Portable openssh.
    ... ]What´s the difference between openssh from RedHat and from www.openssh.org? ... Why did you install the version from 3.5 in the first place? ... ]KerberosAuthentication ...
    (comp.os.linux.networking)
  • Re: Portable openssh.
    ... ]What´s the difference between openssh from RedHat and from www.openssh.org? ... Why did you install the version from 3.5 in the first place? ... ]KerberosAuthentication ...
    (comp.os.linux)
  • Re: Portable openssh.
    ... ]What´s the difference between openssh from RedHat and from www.openssh.org? ... Why did you install the version from 3.5 in the first place? ... ]KerberosAuthentication ...
    (comp.os.linux.security)
  • Re: Portable openssh.
    ... > What´s the difference between openssh from RedHat and from www.openssh.org? ... Why did you install an openSSH rpm from Red Hat 9 on a 7.3 system? ...
    (comp.os.linux)