OpenSSH question, please!! :)

Jason McCormick jason at devrandom.org
Tue Feb 25 11:42:55 EST 2003 

Devin,
  I've CC-ed the list so this gets archived.

> when trying to run ssh, I get:
>
> OpenSSL version mismatch: Built against 90602f, you have 90701f

This is what I was saying before 
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=104589343318200&w=2 
.   The binary packages provided by RedHat have many things compiled 
against them.  If you don't follow the upgrade path recommended by 
RedHat (i.e. they keep everything at 0.9.6b as an internal version 
number) then you run into instances like this.

> I wonder if this is something simple, but I
> am really confused as to why the latest version of SSH would be
> giving me these mismatch problems.

This is a security precaution.  If it would happen that someone replaced 
the libraries of OpenSSL with a hacked version or a compromised 
replacement it would be caught.  Obviously not a foolproof method but 
is definitely a help.

> Failed Dependencies:
> 	openssh = 3.4p1-2 is needed by (installed) openssh-server-3.4p1-2
> 	openssh = 3.4p1-2 is needed by (installed) openssh-clients-3.4p1-2
> 	openssh = 3.4p1-2 is needed by (installed) openssh-askpass3.4p1-2

RPM isn't always clear with its dependencies.  When dealing with RedHat 
there's 5 packages for OpenSSH - openssh, openssh-server, 
openssh-client, openssh-askpass and openssh-askpass-gnome.  You need to 
upgrade all of those at the same time.

> So basically I am stumped as to how to fix
> this.  Should I try and compile from source? I'd love to learn how to
> use RPMS instead though, especially for items like SSH which I wont
> need to recompile often.

What you should do is go to Rawhide (my favorite mirror is 
ftp.dulug.duke.edu) and go to the SRPMS tree 
(ftp.redhat.com/pub/redhat/linux/rawhide/SRPMS/SRPMS) and get 
openssh-3.5p1-6.src.rpm.  This is the source RPM for RedHat's openssh 
packages.  If you're on RH8.0 you'll want to do an 'rpmbuild --rebuild 
openssh-3.5p1-6.src.rpm'.  This will make the 5 packages you need in 
/usr/src/redhat/RPMS/i386.  You can then install them from there and 
should resolve your depedences.

On a side note, while I use many RedHat servers in a production release, 
I would not consider 8.0 "production ready" just yet.  They're working 
out a lot of bugs that'll be fixed in 8.1.

If you continue to have problems, please e-mail me back but please make 
sure to CC openssh-unix-dev at mindrot.org so other can benefit.  Thanks.

-- 
Jason McCormick
jason at devrandom.org

More information about the openssh-unix-dev mailing list