Upgrade Openssl and Openssh

When you install openssh on a linux machine, use portable version. The version name will contain “p” in it. Eg: openssh-5.3p1.tar.gz — OpenSSH_5.3p1

First we will upgrade openssl

cd /usr/src

wget http://www.openssl.org/source/openssl-0.9.8l.tar.gz

tar -zxf openssl-0.9.8l.tar.gz

cd openssl-0.9.8l

./config

make

make test

make install

openssl version

If it shows old version do the steps below.

mv /usr/bin/openssl /root/

ln -s /usr/local/bin/openssl /usr/bin/openssl

[root@test2 lib]# openssl version OpenSSL 0.9.8l 5 Nov 2009

Now get the latest source from an official mirror:

cd /usr/local/src/

wget ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-5.3p1.tar.gz

tar -zxf openssh-5.3p1.tar.gz

cd openssh-5.3p1

./configure –prefix=/usr –sysconfdir=/etc/ssh –with-ssl-dir=/usr/src/openssl-0.9.8l –with-pam –with-libs=-ldl –without-zlib-version-check –with-tcp-wrappers

make

make install

/sbin/service sshd restart

If you get a user error you need to add a sshd user. Do that by running this command:

adduser sshd -s /sbin/nologin

If you don’t get any error about a user you do not have to worry about adding the user. Open another ssh window and make sure ssh works ok, if running the following command returns something with

[root@server /]# sshd -V sshd: illegal option — V OpenSSH_5.3p1, OpenSSL 0.9.8l 5 Nov 2009

Advertisements
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: