Re: Need a tutorial
On Thu, 22 Sep 2016, Gene Heskett wrote:
On Thursday 22 September 2016 08:06:34 Lars Noodén wrote:
OpenSSH 6.5 or later will support it. Wheezy had 6.0 (but 6.6 is in
the backports), and Jessia has 6.7, and Stretch is getting 7.3. The
release notes for 6.5 just mention that it is "better" for security
and performance.
And I am on wheezy yet, because it Just Works,
Same here. Wheezy.
so I have 6.6p1-4bpo70+1, presumably with a bunch of patches. So
there is no way to easily determine what patches have been
applied.
Not sure I follow you here.
I don't see a ChangeLog in any of those packages.
On my system:
$ for pkg in openssh-{client,server} ; do apt-get changelog ${pkg} ; done
Err Changelog for openssh-client (http://packages.debian.org/changelogs/pool/updates/main/o/openssh/openssh_6.0p1-4+deb7u6/changelog)
404 Not Found [IP: 213.165.95.4 80]
Err Changelog for openssh-client (http://security.debian.org/pool/updates/main/o/openssh/openssh_6.0p1-4+deb7u6.changelog)
404 Not Found [IP: 128.101.240.215 80]
E: changelog download failed
Err Changelog for openssh-server (http://packages.debian.org/changelogs/pool/updates/main/o/openssh/openssh_6.0p1-4+deb7u6/changelog)
404 Not Found [IP: 5.153.231.3 80]
Err Changelog for openssh-server (http://security.debian.org/pool/updates/main/o/openssh/openssh_6.0p1-4+deb7u6.changelog)
404 Not Found [IP: 128.101.240.215 80]
E: changelog download failed
As shown, I get only errors, not changelogs. But, as you can already
tell from the errors above, I don't have the backported release 6.6 of
either package installed:
$ dpkg-query -W openssh-{client,server}
openssh-client 1:6.0p1-4+deb7u6
openssh-server 1:6.0p1-4+deb7u6
Instead I currently have installed release 6.0, from regular wheezy
repo, and the last applied update was a security update.
But, regardless, just because "apt-get changelog" can't get them
doesn't mean *I* can't get the changelogs for my version, and examine
patches. For example:
$ apt-get --diff-only source openssh-client="$(dpkg-query -Wf '${Version}' openssh-client)"
[output snipped]
$ ls # notice the absence of "-client,-server" in filename; hence, afaict, apt-get changelog fails
openssh_6.0p1-4+deb7u6.debian.tar.gz
$ gunzip openssh_6.0p1-4+deb7u6.debian.tar.gz && tar xf openssh_6.0p1-4+deb7u6.debian.tar
$ head debian/changelog
openssh (1:6.0p1-4+deb7u6) wheezy-security; urgency=high
* Non-maintainer upload by the Long Tem Security Team.
* Limit password length to avoid DOS attack (CVE-2016-6515). Closes:
#833823.
-- Ola Lundqvist <opal@debian.og> Tue, 09 Aug 2016 09:56:02 +0000
openssh (1:6.0p1-4+deb7u5) wheezy-security; urgency=high
$ ls debian/patches/*.patch | wc -l
35
So that's my system.
Now, you say you have the backported releases, version 1:6.6p1-4~bpo70+1 installed on yours.
But "apt-get changelog" *will* fetch changelogs for this version. Running this command
$ for pkg in openssh-{client,server} ; do apt-get changelog ${pkg}=1:6.6p1-4~bpo70+1 ; done
on my system shows them to me. I believe it should do so on yours,
too, if you have wheezy-backports repo enabled in your sources.list.
If running, on your system,
$ for pkg in openssh-{client,server} ; do apt-get changelog ${pkg} ; done
without specifying a version does not also show you those same
changelogs, then something does not add up.
Cheers.
--
# Duplex (telecommunications) - Wikipedia, the free encyclopedia
Systems that do not need the duplex capability may instead use
simplex communication, in which one device transmits and the others
can only "listen". Examples are broadcast radio and television,
garage door openers, baby monitors, wireless microphones, and
surveillance cameras. In these devices communication is only in one
direction.
Reply to: