Re: Upgrade openssl .deb? or purge old ver and install new?

To: "debian-user@lists.debian.org" <debian-user@lists.debian.org>
Subject: Re: Upgrade openssl .deb? or purge old ver and install new?
From: montefin <montefin@finux.com>
Date: Tue, 18 Jul 2000 22:06:44 -0600
Message-id: <[🔎] 39752954.934E5F4B@finux.com>
References: <[🔎] 3974B768.F0CA4963@finux.com>

Well,

I vote for wipe both clean, 'apt-get install' Woody's openssl-0.9.5a and
build openssh-2.1.1p4 from source tomorrow morning.

montefin looks at all the votes.

Er...vote.

Hmmmm. I won!

Somebody stop me!

montefin


montefin wrote:
> 
> Hi,
> 
> Just hoping for a little guidance before I upgrade both ssl and ssh.
> 
> With a new (Potato-based, linux-2.2.16) firewall in place between my
> SDSL connection and my internal network, I now want to open a secure
> telnet connection (port 22) to and from the outside, and to close the
> regular telnet connection (port 23).
> 
> To accomplish that, I've downloaded openssh-2.1.1p4 from
> http://www.openssh.com/. Since that requires openssl-9.9.5a, I also
> added http://non-us.debian.org/debian-non-US woody/non-US main contrib
> non-free to my /etc/apt/sources.list so I can apt-get it.
> 
> Currently, I have openssh-1.2.3-8, openssl-0.9.4-5, apache-ssl, and
> apache-perl on the firewall -- all installed via apt-get.
> 
> I've run 3 apt-get simulations:
> 
> 1.) apt-get --simulate install openssl -- which says it will upgrade
> openssl and add 1 required library, libssl095a.
> 
> 2.) apt-get --simulate remove openssl -- which says it will remove
> apache-perl, apache-ssl and openssl, and install php3, apache-dev and
> apache-common.
> 
> 3.) apt-get --simulate remove ssh -- which says it will just remove ssh.
> 
> The only fly in the ointment (that I can see) is that I accepted the
> default expiration on the temporary certificate I made for apache-ssl
> back in April, so it has expired.
> 
> ---> Okay, here's my question(s): Since there is no .deb file (AFAICT)
> for openssh-2.1.1p4, I'm going to have to apt-get remove (or dpkg
> --purge) ssh anyway and install the new version from source. Would there
> be any advantage to going to the extra trouble of removing/purging and
> re-installing openssl, apache-ssl and apache-perl? Besides, that is,
> getting the opportunity to create new certificates and keys now that I
> know a little more about how to do that? Of course, if the openssl
> upgrade gave me the same opportunity, that would clinch it for me.
> 
> And one bug-a-boo, I _know_ I have seen a version of the openssl tookit
> saying it _includes_ the ssh functionalities, but for the life of me I
> can't re-locate that source. Was I dreaming?
> 
> Any guidance would be vastly appreciated -- especially if there are
> better, simpler ways to go about updating the security features on the
> firewall which, btw, is a 486DX, 64Mb RAM, 514Mb HDD machine running
> Potato on a 2.2.16 kernel (with vague notions of bumping up to
> 2.4.0-test5, which is humming along nicely on my P II box, because I
> _love_ them iptables).
> 
> Thanks in advance for any help, and for your patience with
> 
> montefin
>

Reply to:

References:
- Upgrade openssl .deb? or purge old ver and install new?
  - From: montefin <montefin@finux.com>

Prev by Date: Re: Fw: failure notice
Next by Date: midi html tags
Previous by thread: Upgrade openssl .deb? or purge old ver and install new?
Next by thread: pppd error
Index(es):
- Date
- Thread