Re: running ports openssh instead of the base
On 26/03/06 Bob Goodman said: > You will probably prefer to use security/openssh-portable. > That port is more recent if I understand correctly, > and is capable of replacing the base ssh automatically, > thus making it unnecessary to bug with rc.conf. > "make config" will list the options. > Hope this helps. Thanks, I'll look at that too. Mike -- Michael P. Soulier <[EMAIL PROTECTED]> "Any intelligent fool can make things bigger and more complex... It takes a touch of genius - and a lot of courage to move in the opposite direction." --Albert Einstein pgpJZ0duDqGWq.pgp Description: PGP signature
Re: running ports openssh instead of the base
On 25/03/06 Mark Kane said: > - > To enable this port, please add sshd_program=/usr/local/sbin/sshd and make > sure sshd_enable is set to YES in your /etc/rc.conf What about the initscript? So I keep running the one from the base, and it picks up this change, or do I rename the sshd.sh.sample provided by the port? Mike -- Michael P. Soulier <[EMAIL PROTECTED]> "Any intelligent fool can make things bigger and more complex... It takes a touch of genius - and a lot of courage to move in the opposite direction." --Albert Einstein pgpOH1idYLUgI.pgp Description: PGP signature
Re: running ports openssh instead of the base
Sorry for double-posting, somehow I forgot to include the subject line. > Hi there, > > If I want to use the openssh from ports to replace the one from the base, > after building and installing it, so I need to do anything special in rc.conf > to specify that I'd like that one run instead of sshd from the base? > > Thanks, > Mike > You will probably prefer to use security/openssh-portable. That port is more recent if I understand correctly, and is capable of replacing the base ssh automatically, thus making it unnecessary to bug with rc.conf. "make config" will list the options. Hope this helps. Bob Goodman Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: running ports openssh instead of the base
On 25/03/06 Mark Kane said: > Hi. From /usr/ports/security/openssh/pkg-message Doh! Thanks, Mike -- Michael P. Soulier <[EMAIL PROTECTED]> "Any intelligent fool can make things bigger and more complex... It takes a touch of genius - and a lot of courage to move in the opposite direction." --Albert Einstein pgpX5dpQNmMQI.pgp Description: PGP signature
Re: running ports openssh instead of the base
Michael P. Soulier wrote: Hi there, If I want to use the openssh from ports to replace the one from the base, after building and installing it, so I need to do anything special in rc.conf to specify that I'd like that one run instead of sshd from the base? Thanks, Mike Hi. From /usr/ports/security/openssh/pkg-message - To enable this port, please add sshd_program=/usr/local/sbin/sshd and make sure sshd_enable is set to YES in your /etc/rc.conf You may also want to put NO_OPENSSH=true in your /etc/make.conf and make sure your path is setup to /usr/local/bin before /usr/bin so that you are running the port version of openssh and not the version that comes with FreeBSD 'PermitRootLogin no' is the new default for the OpenSSH port. This now matches the PermitRootLogin configuration of OpenSSH in the base system. Please be aware of this when upgrading your OpenSSH port, and if truly necessary, re-enable remote root login by readjusting this option in your sshd_config. Users are encouraged to create single-purpose users with ssh keys and very narrowly defined sudo privileges instead of using root for automated tasks. - HTH -Mark -- GnuPG Public Key: http://www.mkproductions.org/mk_pubkey.asc Internet Radio: Party107 (Trance/Electronic) - http://www.party107.com Rock 101.9 The Edge (Rock) - http://www.rock1019.net IRC: MIXXnet IRC Network - irc.mixxnet.net (Nick: MIXX941) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"