{"id":708,"date":"2012-08-06T04:15:33","date_gmt":"2012-08-06T10:15:33","guid":{"rendered":"http:\/\/blog.supportpro.com\/?p=708"},"modified":"2019-10-30T05:47:42","modified_gmt":"2019-10-30T11:47:42","slug":"upgrading-openssh","status":"publish","type":"post","link":"https:\/\/www.supportpro.com\/blog\/upgrading-openssh\/","title":{"rendered":"Upgrading openssh"},"content":{"rendered":"

RHEL5 and CentOS 5 run an older version of ssh, which makes doing a chroot sftp or scp more difficult.<\/p>\n

Pre-requisites:-<\/strong><\/p>\n

You need to have following packages and it’s dependencies installed:-<\/p>\n

Yum install -y rpm-devel rpm-build pam pam-devel perl openssl-devel tcp-wrappers<\/p>\n

Steps:-<\/strong><\/p>\n

It is not recommended to build RPM as root user.<\/p>\n

1. Login to server using SSH as a normal user.
\n2. In your home directory create a file .rpmmacros and add following entires to it.<\/p>\n

%_topdir %(echo $HOME)\/rpmbuild<\/p>\n

3. Next step is creating the build environment. In your home directory, create following directories:-<\/p>\n

$mkdir rpmbuild
\n$cd rpmbuild
\n$mkdir BUILD RPMS SOURCES SPECS SRPMS
\n
\n4. Download the latest openssh from their site. http:\/\/filedump.se.rit.edu\/pub\/OpenBSD\/OpenSSH\/portable\/
\n5. Once it is downloaded, copy the tarball to the rpmbuild\/SOURCES directory that you made.
\n6. You will also need to extract the tarball and copy over the spec file.<\/p>\n

$tar xvf openssh-<version>.tar.gz
\n$cd openssh-<version>
\n$cp contrib\/redhat\/openssh.spec $HOME\/rpmbuild\/SPECS
\n$cd ..
\n$cp openssh-<version>.tar.gz rpmbuild\/SOURCES<\/p>\n

7. Edit the spec file(HOME\/rpmbuild\/SPECS\/openssh.spec).
\nAlso change
\n%define no_x11_askpass 0
\nfrom 0 to 1. We don’t need the X11 accessories for this.
\nDo the same with
\n%define no_gnome_askpass 0
\nfor the same reason. Lastly, comment out the line
\n%define build6x 0
\nAs we’re not building for RHEL6.<\/p>\n

8. Build rpm. In $HOME\/rpmbuild\/SPECS run the following command:-<\/p>\n

$rpmbuild -ba openssh.spec
\nThe above command should build and create several rpms in $HOME\/rpmbuild\/RPMS\/i386<\/p>\n

9. In the i386 directory holding the rpms run,<\/p>\n

$rpm -Uvh openssh*
\nIt should update openssh, openssh-server, and openssh-clients.<\/p>\n

10. It will also create a new file in \/etc\/ssh called sshd_config.rpmnew. Make sure you have a copy of your old sshd_config. The rest of this will be done as root or with root privilege.<\/p>\n

#cd \/etc\/ssh
\n#cp sshd_config sshd_config.orig
\n#mv sshd_config.rpmnew sshd_config<\/p>\n

11. Restart the SSH service.<\/p>\n

#\/etc\/init.d\/sshd restart or
\n#service sshd restart<\/p>\n

How to check the versions of the OpenSSH installed<\/strong><\/p>\n

#rpm -qa | grep openssh<\/p>\n

If you require help, contact SupportPRO Server Admin<\/a><\/p>\n

\"Server<\/a><\/span>