DigiCrime

Well-Known Member
Nov 27, 2002
399
0
166
Done some searching seems everyones issues are a little different so im having trouble tracking down mine. Either no one has successfully got everything to work like it should or they have and dont care to help. Ive followed many threads/posts/articles on how to update aside from my own personal experience something im nto doing right.

Updating SSH using latest.


Code:
checking whether OpenSSL's headers match the library... no
configure: error: Your OpenSSL headers do not match your library

Ok, when I install SSL this is my configure line.

./config --prefix=/usr --openssldir=/usr/include/openssl;make;make test then make if no errors.

Run OpenSSL in ssh and check version it shows correctly. Rebuild apache and it shows the version I installed on WHM News panel.

Now I kinda see why its throwing out errors I assume the files are linked to the wrong file.

[email protected] [/lib]# ll /usr/lib/libssl.so
lrwxrwxrwx 1 root root 26 Apr 16 16:19 /usr/lib/libssl.so -> ../../lib/libssl.so.0.9.7a*
[email protected] [/lib]# ll /usr/lib/libcrypto.so
lrwxrwxrwx 1 root root 29 Apr 16 16:19 /usr/lib/libcrypto.so -> ../../lib/libcrypto.so.0.9.7a*


lrwxrwxrwx 1 root root 26 Apr 16 16:19 /usr/lib/libssl.so -> ../../lib/libssl.so.0.9.7a

[email protected] [~]# find / -iname libcrypto.so -exec ls -lah {} \;
find: /proc/12451/task: No such file or directory
lrwxrwxrwx 1 root root 29 Apr 16 16:19 /usr/lib/libcrypto.so -> ../../lib/libcrypto.so.0.9.7a


But when I try to track down any file for 0.9.7g I cannot find anything.... so it must be how I am installing OpenSSL (not correctly?)
 

DigiCrime

Well-Known Member
Nov 27, 2002
399
0
166
Just to add if I do this via RPM its fine but OpenSSL still shows the older version so I know for sure its the installing im doing thats wrong

[email protected] [~]# ssh -v
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
usage: ssh [-1246AaCfghkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
[-D port] [-e escape_char] [-F configfile] [-i identity_file]
[-L port:host:hostport] [-l login_name] [-m mac_spec] [-o option]
[-p port] [-R port:host:hostport] [-S ctl] [[email protected]]hostname [command]
[email protected] [~]# openssl
OpenSSL> version
OpenSSL 0.9.7g 11 Apr 2005
OpenSSL> exit
 

DigiCrime

Well-Known Member
Nov 27, 2002
399
0
166
Yes, want to keep things up to date, and want it done properly. Most of the systems are Fedora Core1/2 few CentOS, Some Rehadt 9 and 7.3
 

pshepperd

Well-Known Member
Feb 12, 2005
147
0
166
so you compiled and installed a new version of openssl and you can't find it? just update your soft links to the new (g) version files?

after installing openssl did you recompile ssh?
 

DigiCrime

Well-Known Member
Nov 27, 2002
399
0
166
After SSL yes I tried SSH but I got libraries dont match so its openssl thats not installed correctly.. Only thing I can find is libcrypto.so.0.9.7a and libssl.so.0.9.7a wheres the (g) I installed ?
 

pshepperd

Well-Known Member
Feb 12, 2005
147
0
166
when there is no one on/using your server
do this

Code:
updatedb



locate libcrypto.so.0.9.7g
 

DigiCrime

Well-Known Member
Nov 27, 2002
399
0
166
I already did that, nothing came up. sorry for late response been busy.... so im still searching on how to get this resolved :eek:
 

AndyReed

Well-Known Member
PartnerNOC
May 29, 2004
2,217
4
193
Minneapolis, MN
You'll have to downgrade back to the default version, to seolve your problem. Upgrading OpenSSL and/or OpenSSH can be real messy if things go sour during installation.
 

DigiCrime

Well-Known Member
Nov 27, 2002
399
0
166
Ok, lets say I reinstall the default OpenSSL that was once there, then what? Do I have the right configuration to install openSSL from my original post up above ?
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
32
473
Go on, have a guess
What you could do is to revert back to the original openssl rpms as suggested. Then download openssl again and build it but don't install it. Then what you can do is to statically link openssh during build against that version of openssl instead of using the shared libraries. Doesn't really help if you want the latest openssl, but should get openssh up for you.
 

nitromax

Well-Known Member
Feb 12, 2002
189
0
316
Hi Chirpy,

Would you mind taking a quick look at the following post regarding a libssl.so problem? I had to update OpenSSL a while back as one of the shopping carts we use on our servers needs a newer version of OpenSSL to work with the real-time shipping modules it has. I had a heck of time getting it all to work, but finally did. Perhaps I did something wrong though.

Here is the post...

http://forums.cpanel.net/showthread.php?t=41523&highlight=phpsuexec


Thanks if you can look at that and offer any suggestions!