[TriLUG] Openssh update failure

Jeremy P jeremyp at pobox.com
Fri Dec 14 16:01:42 EST 2001


My email has been goofing up, so I apologize if this gets out twice:

First... download the update for ssh from the Red Hat 7.1 directory, and
it "should" work.  Don't use the update from another directory in
the Red Hat tree.  If that doesn't work, download ALL updates
from the Red Hat 7.1 update directory:
ftp://distro.ibiblio.org/pub/linux/distributions/redhat/updates/7.1/en/os/i386/

When you've got all of those downloaded, run this command from the
download directory:
	rpm -Fvh *.rpm
-F means "freshen" -- it will upgrade only those packages that you have
installed.  It's important that packages that depend on each other be
installed at the same time through one rpm command.

If you really only want to update ssh and nothing else, you'll need to
"rebuild" the package agains your current libc and openssl libraries.  To
do this, download the source rpm (openssh-xxxx.src.rpm) and issue this
command:
	rpm --rebuild openssh-xxxx.src.rpm	
Then, the rebuilt binary will be in /usr/src/redhat/RPMS/i386/
You should have no trouble installing your rebuilt binary.

Learn to use rpm --rebuild -- it's your friend when dealing with various
versions of libraries!

By the way, when upgrading you should always have an emergency boot disk
("mkbootdisk" command creates one).  This will let you boot your existing
system and get around your "LI" problem.  You can also boot the Red Hat CD
in "rescue" mode to troubleshoot problems... there's never any reason to
totally re-install.

Hope this helps,
Jeremy


On Fri, 14 Dec 2001, Kevin Hunter wrote:

> 
> Well, from your detailed response, it seems I'm stuck.  The goal this
> entire time was to get ssh up to date due to the CERT announcement (
> 2001-35 ).  It would seem this would be a case to try up2date.  This
> is a RH 7.1 install.  I tried a 7.2 upgrade last night and ended up
> w/ a "anaconda page fault" during install and a "LI" prompt after
> reboot. I had to recover the whole thing from scratch ( which is not
> a big deal since this is not a production server ) and Dell had
> provided a recovery CD.  I'm not proficient enought to recover from a
> LI situation.
> 
> This whole mess is my own fault. This server sat for a while b/f I
> got serious about getting it up and running and secured.  That's
> while it's so many errata behind.  Would it be foolish to do an
> up2date this one time and from there deal w/ errata's by hand on an
> "as needed" basis??
> 
> KH





More information about the TriLUG mailing list