Red Hat will not be issuing OpenSSH 3.4 packages for Red Hat 7.x (can't say that I blame them, customer support would be a nightmare). Unfortunately I really wanted OpenSSH 3.4 on my server systems (privsep, all the bug fixes, etc.). I modifed the Red Hat spec file slightly, you will need that, the source RPM from Red hat, and the source code for OpenSSH 3.4 portable. I have disabled askpass/gnome stuff, this is aimed at servers, not clients.
wget http://seifried.org/security/os/linux/redhat/seifried-redhat-openssh.spec wget ftp://updates.redhat.com/7.3/en/os/SRPMS/openssh-3.1p1-6.src.rpm wget ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz rpm -Uvh openssh-3.1p1-6.src.rpm cp openssh-3.4p1.tar.gz /usr/src/redhat/SOURCES/ cp seifried-redhat-openssh.spec /usr/src/redhat/SPECS/ cd /usr/src/redhat/SPECS/ rpm -ba seifried-redhat-openssh.spec ... wait for it to compile, hopefully without errors and you should have: /usr/src/redhat/RPMS/i386/openssh-3.4p1-1.i386.rpm /usr/src/redhat/RPMS/i386/openssh-clients-3.4p1-1.i386.rpm /usr/src/redhat/RPMS/i386/openssh-server-3.4p1-1.i386.rpm /usr/src/redhat/SRPMS/openssh-3.4p1-1.src.rpm rpm -Fvh /usr/src/redhat/RPMS/i386/*ssh*3.4* It will not overwrite sshd_config or ssh_config, you will probably need to edit and copy the .rpmnew ones if you've done any tweaking. Please for the love of all that is holy DO NOT DEPLOY ON REMOTE PRODUCTION SERVERS UNTIL YOU HAVE TESTED IT ON A LOCAL MACHINE. I cannot stress this enough. If it breaks I'll let you keep all the pieces. These instructions are also available at: http://seifried.org/security/os/linux/redhat/20020701-rh7x-openssh-34.html Fromt he spec file: * Mon Jul 1 2002 Kurt Seifried <[EMAIL PROTECTED]> 3.4p1 - creates sshd user and group, creates /var/empty directory - imported openssh-3.4p1 portable source, removed various conflicting patches - turned off askpass, gnome stuff, this rpm is aimed at servers - USE AT YOUR OWN RISK Kurt Seifried, [EMAIL PROTECTED] A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ http://www.iDefense.com/
