How to rebuild ssh w/ latest sources (was Re: SSH Vulnerability)

From: Matt Dillon (
Date: 02/09/01

Date: Fri, 9 Feb 2001 10:41:23 -0800 (PST)
From: Matt Dillon <>
To: "Mason Harding" <>

:I am guessing this OpenSSH vulnerability applies to FreeBSD...does anyone
:Also thought others might like to know about it.

    Yes. If your sources are reasonably up to date (since Jan 23),
    just rebuild it:

    cd /usr/src/secure/lib/libssh
    make clean obj all
    cd /usr/src/secure/usr.sbin/sshd
    make clean obj all install
    cd /usr/src/secure/usr.bin/ssh
    make clean obj all install

    (kill your old sshd daemon, start a new one)

    Verify you are running the new version of the daemon:

% ssh -v localhost
earth:/home/dillon> ssh -v localhost
SSH Version OpenSSH_2.3.0, protocol versions 1.5/2.0.
Compiled with SSL (0x0090600f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 101 geteuid 101 anon 1
debug: Connecting to localhost [] port 22.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0
debug: match: OpenSSH_2.3.0 pat ^OpenSSH[-_]2\.3

debug: Local version string SSH-1.5-OpenSSH_2.3.0

To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message