Call for testing: OpenSSH 7.7

Gaetan Bisson bisson at archlinux.org
Sat Mar 24 08:36:16 AEDT 2018


[2018-03-23 14:25:35 -0400] Phil Pennock:
> I don't know arch well enough to know if it's possible to get older
> OpenSSL onto it, or if the "rolling release" nature means that they're
> completely switched over.

I maintain Arch's official openssh package; it's built with
openssl-1.1 using a patch derived from [1]. I've updated it
for openssh-7.7's latest snapshot [2]; all tests pass and
live testing shows no issue so far.

[1] http://vega.pgw.jp/~kabe/vsd/patch/openssh-7.4p1-openssl-1.1.0c.patch.html
[2] https://git.archlinux.org/svntogit/packages.git/tree/trunk/openssl-1.1.0.patch?h=packages/openssh

(The bulk of the patch consists in accessing data structures
in a different way, which I don't see as an intrusive change,
so the above is not entirely surprising.)

We also have an openssl-1.0 package (and many other branches
in the AUR) but avoid using it except for pieces of software
which really cannot be ported to openssl-1.1.

Cheers.

-- 
Gaetan


More information about the openssh-unix-dev mailing list