On Fri, Apr 20, 2012 at 11:16 AM, Gerhardus Geldenhuis < gerhardus.geldenh...@gmail.com> wrote:
> Hi > I am trying to play around with signing my ssh keypairs with x509 certs. I > have been using the patches from > http://roumenpetrov.info/openssh/download.html against the official > version of openssh on the ssh website and that works and compiles. However > the standard ssh compile excludes a lot of things and it would be > nicer/better to have the Red Hat/Cent OS version that compiles into an rpm > and that can play nice with the rest of the OS. > > I did not expect it to work but applying the x509 patch and then trying to > compile the openssh package breaks when it tries to apply the security > patches. I was hoping/wondering if anyone could advise on a method of > getting the best of both worlds. Thus having a nicely working compilable > rpm for openssh with the x509 patch and all the other Red Hat security > patches included. I have a horrible feeling it will involve some coding or > at the very least looking more closely at what the patches actually does. > Did I mention that irrational fear of C and friends? > > I'm assuming you're running RHEL 5.x and it ships with OpenSSH 4.3. The patches you link to seem to be for OpenSSH 5.9 (or at most 4.5 if you want to use the patches from 2007). I believe you've to work on backporting the patch to OpenSSH 4.3. -- Giovanni
_______________________________________________ rhelv5-list mailing list rhelv5-list@redhat.com https://www.redhat.com/mailman/listinfo/rhelv5-list
