The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSH/SSL issues

Discussion in 'General Discussion' started by DigiCrime, May 10, 2005.

  1. DigiCrime

    DigiCrime Well-Known Member

    Joined:
    Nov 27, 2002
    Messages:
    399
    Likes Received:
    0
    Trophy Points:
    16
    Done some searching seems everyones issues are a little different so im having trouble tracking down mine. Either no one has successfully got everything to work like it should or they have and dont care to help. Ive followed many threads/posts/articles on how to update aside from my own personal experience something im nto doing right.

    Updating SSH using latest.


    Code:
    checking whether OpenSSL's headers match the library... no
    configure: error: Your OpenSSL headers do not match your library

    Ok, when I install SSL this is my configure line.

    ./config --prefix=/usr --openssldir=/usr/include/openssl;make;make test then make if no errors.

    Run OpenSSL in ssh and check version it shows correctly. Rebuild apache and it shows the version I installed on WHM News panel.

    Now I kinda see why its throwing out errors I assume the files are linked to the wrong file.

    root@ [/lib]# ll /usr/lib/libssl.so
    lrwxrwxrwx 1 root root 26 Apr 16 16:19 /usr/lib/libssl.so -> ../../lib/libssl.so.0.9.7a*
    root@ [/lib]# ll /usr/lib/libcrypto.so
    lrwxrwxrwx 1 root root 29 Apr 16 16:19 /usr/lib/libcrypto.so -> ../../lib/libcrypto.so.0.9.7a*


    lrwxrwxrwx 1 root root 26 Apr 16 16:19 /usr/lib/libssl.so -> ../../lib/libssl.so.0.9.7a

    root@ [~]# find / -iname libcrypto.so -exec ls -lah {} \;
    find: /proc/12451/task: No such file or directory
    lrwxrwxrwx 1 root root 29 Apr 16 16:19 /usr/lib/libcrypto.so -> ../../lib/libcrypto.so.0.9.7a


    But when I try to track down any file for 0.9.7g I cannot find anything.... so it must be how I am installing OpenSSL (not correctly?)
     
  2. DigiCrime

    DigiCrime Well-Known Member

    Joined:
    Nov 27, 2002
    Messages:
    399
    Likes Received:
    0
    Trophy Points:
    16
    Just to add if I do this via RPM its fine but OpenSSL still shows the older version so I know for sure its the installing im doing thats wrong

    root@ [~]# ssh -v
    OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
    usage: ssh [-1246AaCfghkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
    [-D port] [-e escape_char] [-F configfile] [-i identity_file]
    [-L port:host:hostport] [-l login_name] [-m mac_spec] [-o option]
    [-p port] [-R port:host:hostport] [-S ctl] [user@]hostname [command]
    root@ [~]# openssl
    OpenSSL> version
    OpenSSL 0.9.7g 11 Apr 2005
    OpenSSL> exit
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Is there a particular reason that you're upgrading openssl and openssh - are you running an EOL OS?
     
  4. DigiCrime

    DigiCrime Well-Known Member

    Joined:
    Nov 27, 2002
    Messages:
    399
    Likes Received:
    0
    Trophy Points:
    16
    Yes, want to keep things up to date, and want it done properly. Most of the systems are Fedora Core1/2 few CentOS, Some Rehadt 9 and 7.3
     
  5. pshepperd

    pshepperd Well-Known Member

    Joined:
    Feb 12, 2005
    Messages:
    147
    Likes Received:
    0
    Trophy Points:
    16
    so you compiled and installed a new version of openssl and you can't find it? just update your soft links to the new (g) version files?

    after installing openssl did you recompile ssh?
     
  6. DigiCrime

    DigiCrime Well-Known Member

    Joined:
    Nov 27, 2002
    Messages:
    399
    Likes Received:
    0
    Trophy Points:
    16
    After SSL yes I tried SSH but I got libraries dont match so its openssl thats not installed correctly.. Only thing I can find is libcrypto.so.0.9.7a and libssl.so.0.9.7a wheres the (g) I installed ?
     
  7. pshepperd

    pshepperd Well-Known Member

    Joined:
    Feb 12, 2005
    Messages:
    147
    Likes Received:
    0
    Trophy Points:
    16
    when there is no one on/using your server
    do this

    Code:
    
    updatedb
    
    
    
    locate libcrypto.so.0.9.7g
    
     
  8. DigiCrime

    DigiCrime Well-Known Member

    Joined:
    Nov 27, 2002
    Messages:
    399
    Likes Received:
    0
    Trophy Points:
    16
    I already did that, nothing came up. sorry for late response been busy.... so im still searching on how to get this resolved :eek:
     
  9. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    You'll have to downgrade back to the default version, to seolve your problem. Upgrading OpenSSL and/or OpenSSH can be real messy if things go sour during installation.
     
  10. DigiCrime

    DigiCrime Well-Known Member

    Joined:
    Nov 27, 2002
    Messages:
    399
    Likes Received:
    0
    Trophy Points:
    16
    Ok, lets say I reinstall the default OpenSSL that was once there, then what? Do I have the right configuration to install openSSL from my original post up above ?
     
  11. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    What you could do is to revert back to the original openssl rpms as suggested. Then download openssl again and build it but don't install it. Then what you can do is to statically link openssh during build against that version of openssl instead of using the shared libraries. Doesn't really help if you want the latest openssl, but should get openssh up for you.
     
  12. nitromax

    nitromax Well-Known Member

    Joined:
    Feb 12, 2002
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    16
    Hi Chirpy,

    Would you mind taking a quick look at the following post regarding a libssl.so problem? I had to update OpenSSL a while back as one of the shopping carts we use on our servers needs a newer version of OpenSSL to work with the real-time shipping modules it has. I had a heck of time getting it all to work, but finally did. Perhaps I did something wrong though.

    Here is the post...

    http://forums.cpanel.net/showthread.php?t=41523&highlight=phpsuexec


    Thanks if you can look at that and offer any suggestions!
     
Loading...

Share This Page