The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How do I upgrade OpenSSH

Discussion in 'General Discussion' started by EdRooney, Nov 18, 2004.

  1. EdRooney

    EdRooney BANNED

    Joined:
    Oct 21, 2004
    Messages:
    166
    Likes Received:
    0
    Trophy Points:
    0
    # rpm -q openssh
    openssh-3.1p1-14

    Am I correct that this is an old exploitable version eventhough cpanel is not warning me?
    openssh-3.1p1-14

    Not only does it not warn me, but it states that is an up to date version.
    openssh is up to date
    openssh-clients is up to date
    openssh-server is up to date

    I understand openssh 3.6 is out.

    Can anyone confirm or deny this?

    How do I upgrade openSSH?

    Is there anything else that needs update that cpanel doesn't catch?
     
  2. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    This has been talked about previously, might be worth a search of the forums.

    openssh is normally released by your OS vendor. Flavours such as redhat tend to use older known working versions of software and just patch it for known exploits. Just because your version doesn't match that of the official release does not mean it is out of date. That being said, if your using an EOL OS such as redhat 9, its your responsibility to keep the software up to date as you will not get updates from redhat for those products any longer.
     
  3. StevenC

    StevenC Well-Known Member

    Joined:
    Jan 1, 2004
    Messages:
    254
    Likes Received:
    0
    Trophy Points:
    16
    You do not need to upgrade openssh since its patched. This is how redhat does things, however if you do not belive us, you "can" update using this procedure, however this is 100% at your risk, you break it, you deal with it. (It works fine if you do it right.):

    First upgrade openssl:
    Upgrade openssh:
    now run

    it should return:

    SSH is now upgraded. You should also run easyapache to have apache pickup the newer version of openssl
     
  4. nitromax

    nitromax Well-Known Member

    Joined:
    Feb 12, 2002
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    16
    I upgraded OpenSSH to 3.9p1 and SSH works great now and is reporting the new version, and SSH using a client side SSH program works great with the new version.

    However, when you open the Cpanel control panel and you click the SSH icon and try shell access from there it doesn't work. You put your in your username and password and it appears to hang, and the older 3.1p1 appears in the command line.

    Any ideas on how to get SSH running in Cpanel with the updated 3.9p1 version? Any help would be appreciated!

    (Yes, shell is enabled on the account I am testing in Cpanel)
     
  5. Malik

    Malik Member

    Joined:
    Dec 16, 2004
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    After upgrade ssh:
    Not work rkhunter and mc

    [root@ns1 root]# rkhunter
    -bash: rkhunter: command not found
    [root@ns1 root]#

    :(
     
  6. DigiCrime

    DigiCrime Well-Known Member

    Joined:
    Nov 27, 2002
    Messages:
    399
    Likes Received:
    0
    Trophy Points:
    16
    This is how I been installing OpenSSL

    ./config --prefix=/usr --openssldir=/usr/include/openssl

    And WHM shows it as being installed to...

    But I guess cause of the differences openssh wont install?

    checking OpenSSL header version... 90705f (OpenSSL 0.9.7e 25 Oct 2004)
    checking OpenSSL library version... 90701f (OpenSSL 0.9.7a Feb 19 2003)
    checking whether OpenSSL's headers match the library... no
     
Loading...

Share This Page