How to rebuild ssh w/ latest sources (was Re: SSH Vulnerability)

From: Matt Dillon (dillon@earth.backplane.com)
Date: 02/09/01

• Next message: Luigi Rizzo: "adding securelevel control to r/w sysctl variables..."
• Previous message: Mike Silbersack: "Re: Is this a problem for us too?"
• In reply to: Mason Harding: "SSH Vulnerability"
• Next in thread: Fernando Schapachnik: "Re: How to rebuild ssh w/ latest sources (was Re: SSH Vulnerability)"
• Reply: Fernando Schapachnik: "Re: How to rebuild ssh w/ latest sources (was Re: SSH Vulnerability)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 9 Feb 2001 10:41:23 -0800 (PST)
From: Matt Dillon <dillon@earth.backplane.com>
To: "Mason Harding" <mharding@marketnews.com>

:I am guessing this OpenSSH vulnerability applies to FreeBSD...does anyone
:know?
:Also thought others might like to know about it.
:http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
:
:Mason

    Yes. If your sources are reasonably up to date (since Jan 23),
    just rebuild it:

    cd /usr/src/secure/lib/libssh
    make clean obj all
    cd /usr/src/secure/usr.sbin/sshd
    make clean obj all install
    cd /usr/src/secure/usr.bin/ssh
    make clean obj all install

    (kill your old sshd daemon, start a new one)

    Verify you are running the new version of the daemon:

% ssh -v localhost
earth:/home/dillon> ssh -v localhost
SSH Version OpenSSH_2.3.0, protocol versions 1.5/2.0.
Compiled with SSL (0x0090600f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 101 geteuid 101 anon 1
debug: Connecting to localhost [127.0.0.1] port 22.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0
                                                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
debug: match: OpenSSH_2.3.0 pat ^OpenSSH[-_]2\.3

debug: Local version string SSH-1.5-OpenSSH_2.3.0

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

---

• Next message: Luigi Rizzo: "adding securelevel control to r/w sysctl variables..."
• Previous message: Mike Silbersack: "Re: Is this a problem for us too?"
• In reply to: Mason Harding: "SSH Vulnerability"
• Next in thread: Fernando Schapachnik: "Re: How to rebuild ssh w/ latest sources (was Re: SSH Vulnerability)"
• Reply: Fernando Schapachnik: "Re: How to rebuild ssh w/ latest sources (was Re: SSH Vulnerability)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: ssh - cannot log in ... If I were using a Linux ssh client, I would turn on the debug option. ... Does Putty have a debug window one could look at which might give clues? ... # Specify the ssh protocols accepted, default was Protocol 2,1 ... (Fedora) Rsync problem ... In our Institut i was able to use rsync with ssh for backup my data from PC to linux server. ... debug: SshAuthMethodClient/sshauthmethodc.c:85: Added "keyboard-interactive" to ... (comp.security.ssh) Re: How to ssh from AIX to Linux Redhat without prompting for passwd. ... You are correct..we are using a commercial ssh. ... we are using publickeys. ... debug: Ssh2/ssh2.c:1956: Entering event loop. ... (comp.security.ssh) ssh with keys problem from Solaris ... I've followed your instructions for setting up ssh with keys, ... debug: client supports 3 auth methods: 'publickey,keyboard- ... (comp.security.ssh) SSH problem (was ssh cipher) ... Well the problem isn't ssh.com vs openssh. ... OpenSSH_2.5.1p2, SSH protocols 1.5/2.0, OpenSSL ... debug: Reading configuration data /etc/ssh_config ... debug: Connection established. ... (FreeBSD-Security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > FreeBSD-Security  > 2001-02