* On 2016-03-21 at 16:54 GMT, Andrew Klaus wrote: > I'm using the latest version of SmartOS base-64-lts and noticed a few > things that stood out to me. > > I saw that the OpenSSH was built using version 1.0.1p OpenSSL library as > seen here: > https://gist.github.com/precurse/348a7d04a1c1b09ddccf
I'll just point out that the /usr versions come from the SmartOS platform (uname -v) you are running, and are independent from the base images you spin up in zones. Images provide /etc and /opt/local, whereas /usr is a read-only mount from the global zone. The 'openssl' command you are running will be coming from /opt/local, which explains why it is different from the one in use by the platform OpenSSH. > While OpenSSH itself is relatively current (7.1p2 instead of 7.2p2), it was > built using a release of OpenSSL that's nearly a year old and 3 patch > releases old: https://www.openssl.org/news/openssl-1.0.1-notes.html > (1.0.1s is the most current). > > Not as concerning, but I have noticed that the default SSH Config is using > line items that are deprecated as seen in the /var/log/authlog log here: > https://gist.github.com/precurse/19c339f5e333c3969e88 > > Any idea if there are plans to fix these in the base images? I'll leave Alex and Robert to answer these bits, I know Alex started working on a 7.2p2 update but had to back it out. Cheers, -- Jonathan Perkin - Joyent, Inc. - www.joyent.com ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
