[csw-maintainers] Problem with update of latest openssh

Dagobert Michelsen dam at opencsw.org
Mon Jul 25 11:09:25 CEST 2011 

Hi Yann,

hi have some issues with the latest update of OpenSSH in unstable:

1. Some of the files are not migrated

This is true for the host keys ssh_host_* and sshd_config originally
located in /etc/ssh/:

> unstable9s# ls -l /etc/ssh /etc/opt/csw/ssh/
> /etc/opt/csw/ssh/:
> total 547
> -rw-r--r--   1 root     other     125811 Jul 25 10:38 moduli
> -rw-r--r--   1 root     bin       125811 Jul 24 04:12 moduli.CSW
> -rw-r--r--   1 root     bin         1529 Mar 28  2009 ssh_config
> -rw-r--r--   1 root     bin         1602 Jul 24 04:12 ssh_config.CSW
> -rw-------   1 root     other        672 Jul 25 10:38 ssh_host_dsa_key
> -rw-r--r--   1 root     other        602 Jul 25 10:38 ssh_host_dsa_key.pub
> -rw-------   1 root     other        887 Jul 25 10:38 ssh_host_rsa_key
> -rw-r--r--   1 root     other        222 Jul 25 10:38 ssh_host_rsa_key.pub
> -rw-r--r--   1 root     other       8427 Jul 25 10:38 ssh_known_hosts
> -rwxr--r--   1 root     other       2906 Jan 24  2009 sshd_config
> -rw-r--r--   1 root     bin         3320 Jul 24 04:12 sshd_config.CSW
> 
> /etc/ssh:
> total 218
> -rw-r--r--   1 root     sys        88308 Jul 15  2010 moduli
> -rw-r--r--   1 root     sys          861 Oct 18  2007 ssh_config
> -rw-------   1 root     root         672 Jan 23  2009 ssh_host_dsa_key
> -rw-r--r--   1 root     root         602 Jan 23  2009 ssh_host_dsa_key.pub
> -rw-------   1 root     root         887 Jan 23  2009 ssh_host_rsa_key
> -rw-r--r--   1 root     root         222 Jan 23  2009 ssh_host_rsa_key.pub
> -rw-r--r--   1 root     root        8427 Mar 26  2010 ssh_known_hosts
> -rw-r--r--   1 root     sys         5208 Jul 15  2010 sshd_config


2. Error on startup:

> unstable9s# /etc/init.d/cswopenssh start
> unstable9s# Could not load host key: /etc/opt/csw/ssh/ssh_host_ecdsa_key

This is probably also due to using the wrong configuration file.


3. cswopenssh is down after upgrade on Solaris 9 even if it was running before

I remember we talked about daemon autostart (which is false here), but AFAIR
the run-status of a daemon should be kept after update. Disabling sshd on
a machine can be nasty if you don't have another of accessing it.


Best regards

  -- Dago



-- 
"You don't become great by trying to be great, you become great by wanting to do something,
and then doing it so hard that you become great in the process." - xkcd #896

More information about the maintainers mailing list