admin@datazap.net wrote:

> What is the different between ssh and openssh. They are both listed in
> pkgsrc. Which one should I be using?

Security/ssh is the original implementation by Tatu Ylonen and rather
old. It only supports version 1 of the protocol, which is vulnerable
by at least one attack due to conceptual problems.
Security/openssh is a fork off this original version (somewhere around
1.22 I think). It adds (and uses as default now) version 2 of the SSH
protocol. 

> Also, once I install it (through pkgsrc). How do I tell the server to
> start using the new version (I had a large problem with this when I
> switched to the lastest version of postfix.) This maybe because I have all
> my package installed in /usr/local/ (and not /usr/pkg/).

Maybe this question would be better placed on netbsd-help, but anyway...

Packages from pkgsrc which provide daemons (like ssh/openssh do) provide
a startup script similar to those used in the base system (see
/etc/rc.d/ and /etc/rc.conf). Those scripts are placed in
/usr/pkg/etc/rc.d/ by the installation and can be copied by the
administrator to /etc/rc.d/ afterwards.

If you install the package, you will still have the old version of
ssh/sshd in the NetBSD base system, so you should make sure you use the
correct program (ie. /usr/pkg/bin or /usr/local/bin should be in front
of /usr/bin and /usr/sbin in your PATH). Alternatively, you could rename
the old executables with a suffix ".broken".

The directory you use for pkgsrc should not matter if you used it right
from the start and define LOCALBASE=/usr/local in your /etc/mk.conf.

ciao
     Klaus