Re: Assistence with OpenSSH build/config on Red Hat 7.2

From: Brian (brianm_at_fsg1.nws.noaa.gov)
Date: 02/16/04 

Date: Mon, 16 Feb 2004 12:36:33 -0500
To: Nico Kadel-Garcia <nkadel@comcast.net>

Thank you for lending your experience on these issues. I certainly agree
and do not want to leave both RPMs and source-built apps on the same
system. I recently fixed a separate problem related to the way RPMS are
left on these systems. It did come down to a PATH issue. I've made sure
/usr/local/openssh/sbin and bin are at the front of my path as I
troubleshoot this issue with OpenSSH; that has not affected this issue.

I've raised the issue with the group that controls the software
engineering and future configurations for the project. That may lead to
a better system configuration in the future, but I still need to make
OpenSSH work for the environment we have right now.

I'm still open to any suggestions people have as to build options,
configuration file settings, or other steps that could generate useful
diagnostics.

Thanks again!
   Brian

Nico Kadel-Garcia wrote:
> Brian wrote:
>
>>Hello Folks!
>> I've been working with OpenSSH for several years now and find it
>>incredibly useful! Typically, installs and source builds go fairly
>>smoothly, but I've run into a snag on a Red Hat 7.2 workstation. If
>>you have any hints or ideas, please let me know! I have Googled and
>>searched OpenSSH mail archives at length but have not found the
>>solution yet.
>>
>> Project requirements mandate that we run a locally built version of
>>OpenSSH in /usr/local/openssh.
>>
>> This RH7.2 host is fully patched with the latest Redhat security
>>errata RPM releases and has the following RPMs installed:
>>
>>openssl-perl-0.9.6b-35.7
>>openssl096-0.9.6-23.7
>>openssl095a-0.9.5a-23.7.3
>>openssl-0.9.6b-35.7
>>openssl-devel-0.9.6b-35.7
>>openssh-server-3.1p1-14
>>openssh-askpass-3.1p1-14
>>openssh-askpass-gnome-3.1p1-14
>>openssh-clients-3.1p1-14
>>openssh-3.1p1-14
>>zlib-1.1.4-8.7x
>>
>> I cannot remove the installed OpenSSH RPMs to due to project
>>requirements, however, editing PATH and custom start-up scripts, we
>>want to call:
>> /usr/local/openssh/sbin/sshd -f /usr/local/openssh/etc/sshd_config
>
>
> Your project architect needs a serious boot to the head. Insisting on having
> both the default RPM installed version and a local installation in
> /usr/local/* is like telling you to use screwdrivers to drive nails. You can
> expect, and will find, all sorts of nastiness based on PATH settings finding
> the wrong binaries.
>
> Is there *ANY* way you can simply re-compile and slightly rename the RedHat
> SRPM's with your desired changes and replace them, just to make your lives
> simpler? Or is there some compelling reason to provide two activer versions
> of both the clients and the servers on these systems?
>
>
>> The system is part of an NIS group and regular users can
>>successfully telnet, authenticate, and connect to the system.
>
>
> Oooff. OK, can you update from 7.2? It's not supported any more, and the
> OpenSSH for Fedora is 3.6.1p2, which is a much smaller leap to use the very
> latest OpenSSH. Also, read the SRPM patches and spec files *VERY* carefully
> to get all the NIS and other settings right for 7.2.
>
>
>>I'm just about out of ideas. If you have any experience with this
>>issue, please let me know.
>
>
> My experience is with similar issues of old/new versions of software both
> being installed due to "policy decisions(tm)". It's extremely painful to do
> correctly: I really urge you to do wholesale updates to avoid the potential
> incompatibilities between OS and software releases.
>
>

Relevant Pages

  • VNC, OpenSSH tunnelling on Windows XP Issue
    ... OpenSSH on 2 PC's located on the same lan segment ... I then downloaded TightVNC and installed full installs (Sever and ... TightVNC viewer and connect to the other PC using localhost:1. ...
    (comp.security.ssh)
  • Re: Migrating from RedHat to Debian
    ... by the script that installs the rpms (remember that you usually don't ... install the intel compiler rpms directly). ... learning curve is steeper than Debian, but the BSD way of doing things ... FreeBSD box by trying to mount a floppy disk. ...
    (comp.os.linux.misc)
  • Re: Assistence with OpenSSH build/config on Red Hat 7.2
    ... > I've been working with OpenSSH for several years now and find it ... installs and source builds go fairly ... expect, and will find, all sorts of nastiness based on PATH settings finding ... I really urge you to do wholesale updates to avoid the potential ...
    (comp.security.ssh)
  • Re: [RH bug number] Re: ruby in the government - 1.6.x -> 1.8.x woes
    ... Then just repeat that on the servers where you need 1.8. ... RPMs, debs or whatever). ... I'd be concerned about running into problems where your ruby installs have differing modules because the development files were missing when you built ruby. ...
    (comp.lang.ruby)
  • Re: VNC, OpenSSH tunnelling on Windows XP Issue
    ... > ssh.exe supplied with the OpenSSH). ... > I then downloaded TightVNC and installed full installs (Sever and ... > TightVNC viewer and connect to the other PC using localhost:1. ...
    (comp.security.ssh)