Re: sshd and redhat 6.2 (!)

In article <vdvep4-oiq.ln1@xxxxxxxxxxxxxxxx> Darren Tucker
<dtucker@xxxxxxxxxxxxxxxx> writes:
On 2007-08-16, Mauricio <raubvogel@xxxxxxxxx> wrote:
Yes, I need to put ssh in a redhat box and canot upgrade its kernel
and/or gcc until I get that running. Long story, but the bottom line
is there are programs we do not know if we can upgrade to begin with.
I got a fairly late version of openssl and the latest version of
openssh. After telling it to configure without selinux, I was able to
get that compiled. I started sshd but I cannot ssh to the machine
even if I do ssh localhost:
[...]

I think Redhats of that vintage had MD5 passwords (check the /etc/shadow
file and see if the password strings start with "$1$") but had a crypt
function that didn't natively support it.

No, that has certainly never been the case - but you may still have hit
the nail on the head.:-) The --with-md5-passwords nonsense is OpenSSL's
fault - in older versions it included a crypt() function that only did
DES, and depending on in which order the -l flags were given in the
OpenSSH build, you'd end up with that one instead of the OS-native one.
I think that by default the OpenSSH build would give the flags in the
"wrong" order... In current OpenSSL that function has been renamed, but
I don't recall off-hand what version that happened in, nor does my
crystal ball reveal what "a fairly late version of openssl" might be.

--Per Hedeland
per@xxxxxxxxxxxx
.