Difference: MacOSX (r16 vs. r15)

MAC OSX

OSX 10.4.7 August Security Update

This update includes a new version of SSH (OpenSSH 4.2) which uses a new mechanism for doing Kerberos authentication. The new version fixes a weakness in the old version. Unfortunately, the two mechanisms don't inter-operate and there is no backwards compatibilty provided. This means that the update breaks using Kerberos/SSH to most all FNAL machines and MSUHEP machines. Note that telnet will still work to FNAL (not allowed to MSUHEP machines). June 2007 - a new version of OpenSSH server that

Before applying this update, make a copy of the ssh program /usr/bin/ssh so that you'll have the old version for connecting to old servers. (If you've already done the update, contact me and we can fix things.)

See http://listserv.fnal.gov/scripts/wa.exe?A1=ind0608&L=macusers

The ssh binary before update: A copy of OpenSSH 3.8.1p1 is available from http://security.fnal.gov/tools/OpenSSH_3.8.1p1_ppc.tar.gz You can download that tarball, and copy the files frim bin to /usr/bin on your mac. (You may wish to preserve the existing files on your mac first.)

mac:~ little$ ls -l sudo cp OpenSSH_3.8.1p1/bin/* /usr/bin /usr/bin/ssh -rwxr-xr-x 1 root wheel 231248 May 27 2005 /usr/bin/ssh mac:~ little$ ssh -v OpenSSH_3.8.1p1, OpenSSL 0.9.7i 14 Oct 2005 

Want to copy this binary to another location, perform the update, copy the new binary to another location and then create a softlink to the old binary named /usr/bin/ssh.

mac:~ little$ sudo cp /usr/bin/ssh /usr/bin/ssh-3.8.1p1
Password:
mac:~ little$ ls -l /usr/bin/ssh*
-rwxr-xr-x   1 root  wheel  231248 May 27  2005 /usr/bin/ssh
-rwxr-xr-x   1 root  wheel  231248 Aug 15 02:16 /usr/bin/ssh-3.8.1p1
-rwxr-xr-x   1 root  wheel   75968 May 27  2005 /usr/bin/ssh-add
-rwxr-xr-x   1 root  wheel   63016 May 27  2005 /usr/bin/ssh-agent
-rwxr-xr-x   1 root  wheel   84948 May 27  2005 /usr/bin/ssh-keygen
-rwxr-xr-x   1 root  wheel  129660 May 27  2005 /usr/bin/ssh-keyscan

Now do software update.

Then do:

mac:~ little$ sudo cp /usr/bin/ssh /usr/bin/ssh-4.2

mac:~ little$ sudo rm /usr/bin/ssh
mac:~ little$ sudo ln -s /usr/bin/ssh-3.8.1p1 /usr/bin/ssh

mac:~ little$ ssh -v
OpenSSH_3.8.1p1, OpenSSL 0.9.7i 14 Oct 2005

Local Pages

-- TomRockwell - 25 May 2006

 
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback