Re: Assistence with OpenSSH build/config on Red Hat 7.2
From: Nico Kadel-Garcia (nkadel_at_comcast.net)
Date: 02/15/04
- Previous message: Nico Kadel-Garcia: "Re: sftp and chroot"
- In reply to: Brian: "Assistence with OpenSSH build/config on Red Hat 7.2"
- Next in thread: Brian: "Re: Assistence with OpenSSH build/config on Red Hat 7.2"
- Reply: Brian: "Re: Assistence with OpenSSH build/config on Red Hat 7.2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 14 Feb 2004 21:52:57 -0500
Brian wrote:
> Hello Folks!
> I've been working with OpenSSH for several years now and find it
> incredibly useful! Typically, installs and source builds go fairly
> smoothly, but I've run into a snag on a Red Hat 7.2 workstation. If
> you have any hints or ideas, please let me know! I have Googled and
> searched OpenSSH mail archives at length but have not found the
> solution yet.
>
> Project requirements mandate that we run a locally built version of
> OpenSSH in /usr/local/openssh.
>
> This RH7.2 host is fully patched with the latest Redhat security
> errata RPM releases and has the following RPMs installed:
>
> openssl-perl-0.9.6b-35.7
> openssl096-0.9.6-23.7
> openssl095a-0.9.5a-23.7.3
> openssl-0.9.6b-35.7
> openssl-devel-0.9.6b-35.7
> openssh-server-3.1p1-14
> openssh-askpass-3.1p1-14
> openssh-askpass-gnome-3.1p1-14
> openssh-clients-3.1p1-14
> openssh-3.1p1-14
> zlib-1.1.4-8.7x
>
> I cannot remove the installed OpenSSH RPMs to due to project
> requirements, however, editing PATH and custom start-up scripts, we
> want to call:
> /usr/local/openssh/sbin/sshd -f /usr/local/openssh/etc/sshd_config
Your project architect needs a serious boot to the head. Insisting on having
both the default RPM installed version and a local installation in
/usr/local/* is like telling you to use screwdrivers to drive nails. You can
expect, and will find, all sorts of nastiness based on PATH settings finding
the wrong binaries.
Is there *ANY* way you can simply re-compile and slightly rename the RedHat
SRPM's with your desired changes and replace them, just to make your lives
simpler? Or is there some compelling reason to provide two activer versions
of both the clients and the servers on these systems?
> The system is part of an NIS group and regular users can
> successfully telnet, authenticate, and connect to the system.
Oooff. OK, can you update from 7.2? It's not supported any more, and the
OpenSSH for Fedora is 3.6.1p2, which is a much smaller leap to use the very
latest OpenSSH. Also, read the SRPM patches and spec files *VERY* carefully
to get all the NIS and other settings right for 7.2.
> I'm just about out of ideas. If you have any experience with this
> issue, please let me know.
My experience is with similar issues of old/new versions of software both
being installed due to "policy decisions(tm)". It's extremely painful to do
correctly: I really urge you to do wholesale updates to avoid the potential
incompatibilities between OS and software releases.
- Previous message: Nico Kadel-Garcia: "Re: sftp and chroot"
- In reply to: Brian: "Assistence with OpenSSH build/config on Red Hat 7.2"
- Next in thread: Brian: "Re: Assistence with OpenSSH build/config on Red Hat 7.2"
- Reply: Brian: "Re: Assistence with OpenSSH build/config on Red Hat 7.2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
