On Fri, 2004-07-23 at 08:26, Bryce wrote:

> Dependency warning: used OpenSSL version contains
> known vulnerabilities
> Please update or define either WITH_OPENSSL_BASE or
> Can anyone throw some light on how to fix this?

As already mentioned you can just use the base system ssh. If however
you want to upgrade it to a newer version ( advisable if this machine is
accessible to the public ) then you will have to do as the above says.

By default the base system contains openssl in /usr/bin and the openssl
port installs to /usr/local/bin. This is why you're given the option
WITH_OPENSSL_BASE, meaning /usr/bin/openssl or WITH_OPENSSL_PORT,
meaning /usr/local/bin/openssl. Basically it's saying, if you already
have an updated version in base or ports then tell me where it is.

The above is also applicable to openssh. To prevent yourself from
getting confused you could always do the following to both openssl and
openssh after installing/upgrading them from ports:

cd /usr/bin; mv openssl openssl.base; ln -s /usr/local/bin/openssl

..and the same with ssh which will make sure you always use the latest
version. By default your $PATH is set to use the base version. If you
are going to use the ports then you may also want to ensure the
following are defined in /etc/make.conf

NO_OPENSSH=     true
NO_OPENSSL=     true

Nelis Lamprecht
PGP: http://www.8ball.co.za/pgpkey/nelis.asc
"Unix IS user friendly.. It's just selective about who its friends are."

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to