On 26/02/06, Erik Nørgaard <[EMAIL PROTECTED]> wrote: > > Daniel A. wrote: > > So, basically, if I want the newest version of OpenSSH running on my > > system, I have to not use the one shipped with 6.0-RELEASE, and > > install OpenSSH from ports? > > Please don't toppost. > > Installing from ports you'll get version 3.6.1. Before you get paranoid, > check the changelog - are there any changes that you actually need? do > they provide increased security? > > Cheers, Erik > > -- > Ph: +34.666334818 web: http://www.locolomo.org > S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt > Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9 > Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2 > _______________________________________________
I use the openssh-portable there is one change regarding compression that fixes a security problem that wasnt ported over to the security branch and another security flaw which I believe made it to a security list but I cannot remember which one. Again this didnt make the security branch. I also think its a good idea to keep upto date incase they patch up unpublished vulnerabilities that they keep private. Regarding stopping users running base version there are a few ways to do it ranging from deleting the base binaries and disabling it in make.conf so doesnt get rebuilt on a buildworld to making sure /usr/local/bin comes before the /usr/bin in path so when ssh is typed the portable version is ran. Chris _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"