Subject: security/openssh
To: None <tech-pkg@netbsd.org>
From: Dima Veselov <kab00m@lich.phys.spbu.ru>
List: tech-pkg
Date: 10/08/2003 02:22:04
Hi!

I successfully built Perl on a Solaris/sparc64 box, openssl working
perfectly too. Tried to install openssh and got some strange trouble.

[root@openssh]$ /usr/pkg/bin/ssh
Segmentation Fault (core dumped)

Package seem compile well, but when installing I got these errors:

By the way - what is the best way to create /dev/urandom? I used AndIRand
package for Solaris, but never got openssl to open /dev/urandom in this case.

...
and /etc/sshd.conf, then you will have to copy them:

        /etc/ssh.conf  --> /usr/pkg/etc/ssh/ssh_config
        /etc/sshd.conf --> /usr/pkg/etc/ssh/sshd_config

The `sshd' user and `sshd' group used for
privilege separation have been created if they did not already exist.
For security reasons, UsePrivilegeSeparation has to be yes
(the default value).

===========================================================================
===========================================================================
$NetBSD$

You will need a working /dev/urandom.  Please make sure you have a kernel
compiled from a config file containing the line:

        pseudo-device   rnd
===========================================================================

usage: /usr/pkg/sbin/pkg_admin [-b] [-d lsdir] [-V] [-s sfx] command args ...
Where 'commands' and 'args' are:
 rebuild                     - rebuild pkgdb from +CONTENTS files
 check [pkg ...]             - check md5 checksum of installed files
 add pkg ...                 - add pkg files to database
 delete pkg ...              - delete file entries for pkg in database
 lsall /path/to/pkgpattern   - list all pkgs matching the pattern
 lsbest /path/to/pkgpattern  - list pkgs matching the pattern best
 dump                        - dump database
 pmatch pattern pkg          - returns true if pkg matches pattern, otherwise false
usage: /usr/pkg/sbin/pkg_admin [-b] [-d lsdir] [-V] [-s sfx] command args ...
Where 'commands' and 'args' are:
 rebuild                     - rebuild pkgdb from +CONTENTS files
 check [pkg ...]             - check md5 checksum of installed files
 add pkg ...                 - add pkg files to database
 delete pkg ...              - delete file entries for pkg in database
 lsall /path/to/pkgpattern   - list all pkgs matching the pattern
 lsbest /path/to/pkgpattern  - list pkgs matching the pattern best
 dump                        - dump database
 pmatch pattern pkg          - returns true if pkg matches pattern, otherwise false
usage: /usr/pkg/sbin/pkg_admin [-b] [-d lsdir] [-V] [-s sfx] command args ...
Where 'commands' and 'args' are:
 rebuild                     - rebuild pkgdb from +CONTENTS files
 check [pkg ...]             - check md5 checksum of installed files
 add pkg ...                 - add pkg files to database
 delete pkg ...              - delete file entries for pkg in database
 lsall /path/to/pkgpattern   - list all pkgs matching the pattern
 lsbest /path/to/pkgpattern  - list pkgs matching the pattern best
 dump                        - dump database
 pmatch pattern pkg          - returns true if pkg matches pattern, otherwise false
===> Registering installation for openssh-3.7.1.2
usage: /usr/pkg/sbin/pkg_admin [-b] [-d lsdir] [-V] [-s sfx] command args ...
Where 'commands' and 'args' are:
 rebuild                     - rebuild pkgdb from +CONTENTS files
 check [pkg ...]             - check md5 checksum of installed files
 add pkg ...                 - add pkg files to database
 delete pkg ...              - delete file entries for pkg in database
 lsall /path/to/pkgpattern   - list all pkgs matching the pattern
 lsbest /path/to/pkgpattern  - list pkgs matching the pattern best
 dump                        - dump database
 pmatch pattern pkg          - returns true if pkg matches pattern, otherwise false
usage: /usr/pkg/sbin/pkg_admin [-b] [-d lsdir] [-V] [-s sfx] command args ...
Where 'commands' and 'args' are:
 rebuild                     - rebuild pkgdb from +CONTENTS files
 check [pkg ...]             - check md5 checksum of installed files
 add pkg ...                 - add pkg files to database
 delete pkg ...              - delete file entries for pkg in database
 lsall /path/to/pkgpattern   - list all pkgs matching the pattern
 lsbest /path/to/pkgpattern  - list pkgs matching the pattern best
 dump                        - dump database
 pmatch pattern pkg          - returns true if pkg matches pattern, otherwise false
usage: /usr/pkg/sbin/pkg_admin [-b] [-d lsdir] [-V] [-s sfx] command args ...
Where 'commands' and 'args' are:
 rebuild                     - rebuild pkgdb from +CONTENTS files
 check [pkg ...]             - check md5 checksum of installed files
 add pkg ...                 - add pkg files to database
 delete pkg ...              - delete file entries for pkg in database
 lsall /path/to/pkgpattern   - list all pkgs matching the pattern
 lsbest /path/to/pkgpattern  - list pkgs matching the pattern best
 dump                        - dump database
 pmatch pattern pkg          - returns true if pkg matches pattern, otherwise false

-- 
Sincerelly yours