utchin

Registered
Feb 1, 2013
4
0
1
cPanel Access Level
Root Administrator
Hi,

I have been trying to upgrade my SSH to be PCI compliant and i have locked myself out:

I followed this : http://forums.cpanel.net/f5/whats-take-update-openssh-5-1-higher-170818.html

Code:
#!/bin/bash
#Configuration:
temp_working_directory=/usr/local/src
openssh_source_link=http://filedump.se.rit.edu/pub/OpenBSD/OpenSSH/portable/openssh-5.6p1.tar.gz
install_prefix=/usr


#Saving old sshd init script:
cp -a /etc/rc.d/init.d/sshd /etc/rc.d/init.d/sshd.save

#Uninstall OS installed SSH
rpm -e openssh openssh-clients openssh-server
##Installing OpenSSH 5.6p1 from source:

#Downloading OpenSSH5.6p1
cd $temp_working_directory && wget -c "$openssh_source_link"
##Untaring and configure openssh
tar xfz openssh-5.6p1.tar.gz
#Removing openssh archive openssh-5.6p1.tar.gz
rm -rf openssh-5.6p1.tar.gz
cd openssh-5.6p1 ;./configure --prefix=$install_prefix && make && make install
#Restoring sshd init script
cp -a /etc/rc.d/init.d/sshd.save /etc/rc.d/init.d/sshd

#Restarting SSHD:
/sbin/service sshd restart
`which ssh` -V
echo "Duplicate your ssh connection to the server and verify that the new SSHD started"
and i get:

Code:
checking whether getpgrp requires zero arguments... yes
checking OpenSSL header version... 9080df (OpenSSL 0.9.8m 25 Feb 2010)
checking OpenSSL library version... 90802f (OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008)
checking whether OpenSSL's headers match the library... no
configure: error: Your OpenSSL headers do not match your
library. Check config.log for details.
If you are sure your installation is consistent, you can disable the check
by running "./configure --without-openssl-header-check".
Also see contrib/findssl.sh for help identifying header/library mismatches.

-bash-3.2# #Restoring sshd init script
-bash-3.2# cp -a /etc/rc.d/init.d/sshd.save /etc/rc.d/init.d/sshd
-bash-3.2# 
-bash-3.2# #Restarting SSHD:
-bash-3.2# /sbin/service sshd restart
Stopping sshd:                                             [FAILED]
Starting sshd: /etc/init.d/sshd: line 114: /usr/sbin/sshd: No such file or directory
                                                           [FAILED]
-bash-3.2# `which ssh` -V
/usr/bin/which: no ssh in (/usr/kerberos/sbin:/usr/kerberos/bin:/usr/lib/courier-imap/sbin:/usr/lib/courier-imap/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin)
-bash: -V: command not found
-bash-3.2# echo "Duplicate your ssh connection to the server and verify that the new SSHD started"
Duplicate your ssh connection to the server and verify that the new SSHD started

and i can not get the service started again.

Any help?

CentOS
 

utchin

Registered
Feb 1, 2013
4
0
1
cPanel Access Level
Root Administrator
i managed to fix it..

I wont delete the topic as it might help others fix it. I used:

#!/bin/bash
#Configuration:
temp_working_directory=/usr/local/src
openssh_source_link=http://filedump.se.rit.edu/pub/OpenBSD/OpenSSH/portable/openssh-5.6p1.tar.gz
install_prefix=/usr


#Saving old sshd init script:
cp -a /etc/rc.d/init.d/sshd /etc/rc.d/init.d/sshd.save

#Uninstall OS installed SSH
rpm -e openssh openssh-clients openssh-server
##Installing OpenSSH 5.6p1 from source:

#Downloading OpenSSH5.6p1
cd $temp_working_directory && wget -c "$openssh_source_link"
##Untaring and configure openssh
tar xfz openssh-5.6p1.tar.gz
#Removing openssh archive openssh-5.6p1.tar.gz
rm -rf openssh-5.6p1.tar.gz
cd openssh-5.6p1 ;./configure --without-openssl-header-check --prefix=$install_prefix && make && make install
#Restoring sshd init script
cp -a /etc/rc.d/init.d/sshd.save /etc/rc.d/init.d/sshd

#Restarting SSHD:
/sbin/service sshd restart
`which ssh` -V

echo "Duplicate your ssh connection to the server and verify that the new SSHD started"


and it worked. it was right in front of my the whole time: ./configure --without-openssl-header-check