I have a server Ubuntu 14.04 which initially had OpenSSH 6.6 and OpenSSL 1.0.1f installed, and with these commands, i updated openSSH:
sudo apt install -y build-essential libssl-dev zlib1g-dev
wget "https://mirror.edgecast.com/pub/OpenBSD/OpenSSH/portable/openssh-7.4p1.tar.gz"
tar xfz openssh-7.4p1.tar.gz
cd openssh-7.4p1
./configure
make
sudo make install && sudo service ssh restart && ssh -V
After that, i have an output of:
OpenSSH_7.4p1, OpenSSL 1.0.1f
The thing is that i have updated openSSL separately after that, with these commands:
sudo wget "https://www.openssl.org/source/openssl-1.0.2n.tar.gz"
tar xfz openssl-1.0.2n.tar.gz
cd openssl-1.0.2n/
./config
make
sudo make install
After that, i run: openssl version
and i get:
OpenSSL 1.0.2n
but ssh -V
shows:
OpenSSH_7.4p1, OpenSSL 1.0.1f
Is there a way of having ssh -V returning OpenSSH_7.4p1, OpenSSL 1.0.2n?
Thanks in advance!
CodePudding user response:
As per OpenSSH INSTALL instructions: LibreSSL/OpenSSL should be compiled as a position-independent library (i.e. with -fPIC) otherwise OpenSSH will not be able to link with it.
Update your OpenSSL ./config command to include -fPIC no-shared
:
sudo wget "https://www.openssl.org/source/openssl-1.0.2n.tar.gz"
tar xfz openssl-1.0.2n.tar.gz
cd openssl-1.0.2n/
./config -fPIC no-shared
make
sudo make install
You may have to run "make clean && make dclean
" before recompiling and installing OpenSSL
CodePudding user response:
System need to know where the new version of openssl is, try :
cd openssl-1.0.2n/
./config --prefix=/usr/local --openssldir=/usr/local/openssl shared
make clean && make && make install
openssl version
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
ldconfig -v
export LD_LIBRARY_PATH=/usr/local/lib
Then cd
into openssh directory, clean and rebuild.