Solved

Upgrading SSH on CentOS 5 - RPM Build Error

Posted on 2012-04-09
19
2,381 Views
Last Modified: 2012-04-10
Hi there,

I'm trying to upgrade OpenSSH from 4.3p2 to 5.8p1
I'm following instructions from: http://dancunningham.co.uk/2011/06/22/upgrade-openssh-on-centos-5/

When I started, 5.8p2  so I just changed it to 5.8p1 and downloaded it myself.

However I get right to the end at rpm build then get an error - I copied in below the error log

#!/bin/sh

  RPM_SOURCE_DIR="/usr/src/redhat/SOURCES"
  RPM_BUILD_DIR="/usr/src/redhat/BUILD"
  RPM_OPT_FLAGS="-O2 -g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables"
  RPM_ARCH="i386"
  RPM_OS="linux"
  export RPM_SOURCE_DIR RPM_BUILD_DIR RPM_OPT_FLAGS RPM_ARCH RPM_OS
  RPM_DOC_DIR="/usr/share/doc"
  export RPM_DOC_DIR
  RPM_PACKAGE_NAME="openssh"
  RPM_PACKAGE_VERSION="5.8p1"
  RPM_PACKAGE_RELEASE="1"
  export RPM_PACKAGE_NAME RPM_PACKAGE_VERSION RPM_PACKAGE_RELEASE
  RPM_BUILD_ROOT="/var/tmp/openssh-5.8p1-buildroot"
  export RPM_BUILD_ROOT
 
  PKG_CONFIG_PATH="/usr/lib/pkgconfig:/usr/share/pkgconfig"
  export PKG_CONFIG_PATH
 
  set -x
  umask 022
  cd "/usr/src/redhat/BUILD"
cd 'openssh-5.8p1'

K5DIR=`rpm -ql krb5-devel | grep include/krb5.h | sed 's,\/include\/krb5.h,,'`
echo K5DIR=$K5DIR


  CFLAGS="${CFLAGS:--O2 -g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables}" ; export CFLAGS ;
  CXXFLAGS="${CXXFLAGS:--O2 -g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables}" ; export CXXFLAGS ;
  FFLAGS="${FFLAGS:--O2 -g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables}" ; export FFLAGS ;
  ./configure --host=i686-redhat-linux-gnu --build=i686-redhat-linux-gnu \
      --target=i386-redhat-linux \
      --program-prefix= \
       --prefix=/usr \
      --exec-prefix=/usr \
      --bindir=/usr/bin \
      --sbindir=/usr/sbin \
      --sysconfdir=/etc \
      --datadir=/usr/share \
      --includedir=/usr/include \
      --libdir=/usr/lib \
      --libexecdir=/usr/libexec \
      --localstatedir=/var \
      --sharedstatedir=/usr/com \
      --mandir=/usr/share/man \
      --infodir=/usr/share/info \
      --sysconfdir=/etc/ssh \
      --libexecdir=/usr/libexec/openssh \
      --datadir=/usr/share/openssh \
      --with-tcp-wrappers \
      --with-rsh=/usr/bin/rsh \
      --with-default-path=/usr/local/bin:/bin:/usr/bin \
      --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
      --with-privsep-path=/var/empty/sshd \
      --with-md5-passwords \
      --with-pam \
       --with-kerberos5=$K5DIR \



make


# Define a variable to toggle gnome1/gtk2 building.  This is necessary
# because RPM doesn't handle nested %if statements.
%if 1
gtk2=yes
%else
      gtk2=no
%endif


exit 0

Any ideas?
0
Comment
Question by:Luke_fleming
  • 7
  • 6
  • 6
19 Comments
 
LVL 5

Expert Comment

by:kanalQko
ID: 37825869
add Fedora repo to your local yum repos and just type in terminal "yum update openssh" that`s all (probably priority should be changed too)

to add fedora/epel repo run following command "rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm"
when done you could update/install openssh via yum
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37825876
or if you won`t add epel repo, just download that package http://pkgs.org/centos-5-rhel-5/centalt-i386/openssh-5.8p2-16.el5.1.i386.rpm.html (choose i386 or x64)
and install it via RPM or YUM
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37826141
Hi,

If you want to use a precompiled binary you can get it from a repo as the lanalQko indicated.

But if you want to see ehat is wrong with the compilation you should post the error message here. When I wanted to compile I had 2 problems:

- The first one was the error that you have got. I've fixed it by installing pam-devel since it was looking for some pam header files and they are located in pam-devel:
yum install pam-devel

Open in new window

- Then I had a problem with documentation. It was looking for some WARNING* documentation to copy but could not find them there. To fix this I've edited the spec.file and changed the line to read like the second one (Removing WARNING* ):
%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* PROTOCOL* TODO WARNING*

Open in new window

%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* PROTOCOL* TODO

Open in new window

After this it has successfully finished the compile.
Obsoletes: ssh-server
Checking for unpackaged file(s): /usr/lib/rpm/check-files /var/tmp/openssh-5.9p1-buildroot
Wrote: /usr/src/redhat/RPMS/x86_64/openssh-5.9p1-1.x86_64.rpm
Wrote: /usr/src/redhat/RPMS/x86_64/openssh-clients-5.9p1-1.x86_64.rpm
Wrote: /usr/src/redhat/RPMS/x86_64/openssh-server-5.9p1-1.x86_64.rpm
Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.27268

Open in new window


I hope this helps.

Cheers,
K.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 1

Author Comment

by:Luke_fleming
ID: 37826885
Hi,

So first of all I tried installing Fedora repo:

<code>-bash-3.2# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
Retrieving http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
error: skipping http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm - transfer failed - Unknown or unexpected error
warning: u 0x8e45768 ctrl 0x95b2910 nrefs != 0 (download.fedoraproject.org http)
-bash-3.2#</code>

And then I tried loading the OpenSSH package directly:

<code>-bash-3.2# rpm -Uvh http://centos.alt.ru/repository/centos/5/i386/openssh-server-5.8p2-16.el5.1.i386.rpm
Retrieving http://centos.alt.ru/repository/centos/5/i386/openssh-server-5.8p2-16.el5.1.i386.rpm
error: Failed dependencies:
        openssh = 5.8p2-16.el5.1 is needed by openssh-server-5.8p2-16.el5.1.i386
-bash-3.2#</code>


I believe I'm getting these errors becuase in CentOS 5 there are no repos for OpenSSH 4.4+
which is why I was building my own RPM from those instructions in my first post.

KeremE - I will try you solution shortly - see what we get!

Thanks,
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37826925
Hi,

<code>-bash-3.2# rpm -Uvh http://centos.alt.ru/repository/centos/5/i386/openssh-server-5.8p2-16.el5.1.i386.rpm
Retrieving http://centos.alt.ru/repository/centos/5/i386/openssh-server-5.8p2-16.el5.1.i386.rpm
error: Failed dependencies:
        openssh = 5.8p2-16.el5.1 is needed by openssh-server-5.8p2-16.el5.1.i386
-bash-3.2#</code>

You should have 3 rpms ready to install the new version As you can see from what I've posted these are:

openssh-5.9p1-1.x86_64.rpm   or the equivalent i386 version (replace x86_64 with i386)
openssh-clients-5.9p1-1.x86_64.rpm
openssh-server-5.9p1-1.x86_64.rpm

You can not install them successfully without downloading all 3 of them. They all dependent on each other.

KeremE - I will try you solution shortly - see what we get!

Just take your time.

Cheers,
K.
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37826943
If you will configure yum repos properly, then it will install dependencies automatically,
It's better to use yum than rpm installer
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37827286
<code>-bash-3.2# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
Retrieving http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
error: skipping http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm - transfer failed - Unknown or unexpected error
warning: u 0x8e45768 ctrl 0x95b2910 nrefs != 0 (download.fedoraproject.org http)
-bash-3.2#</code>

Even if you2d succeededt it would not work you're trying to install RHRL 6 version of EPEL. AFAIK you use RHEL 5 !!!
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37827964
KeremE has right therefore you could use EPEL 5 repo

"rpm -ivh http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm"
0
 
LVL 1

Author Comment

by:Luke_fleming
ID: 37828021
Now I'm getting this when trying EPEL 5:

-bash-3.2# rpm -ivh http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
Retrieving http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
error: skipping http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm - transfer failed - Unknown or unexpected error
warning: u 0x8a18768 ctrl 0x9185910 nrefs != 0 (download.fedoraproject.org http)
-bash-3.2#
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37828035
download it manually via wget

cd /tmp
wget http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
rpm -ivh epel-release-5-4.noarch.rpm
0
 
LVL 1

Author Comment

by:Luke_fleming
ID: 37828098
"package epel-release-5-4.noarch is already installed"


I've already tried yum update openssh

But there are no updates for it on my version of Centos 5. So this takes me back to im pretty sure that there is no predefined binaried to upgrade openssh on CentOS 5 ? Anyone know of any others?
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37828138
in that case you could follow up this:

http://survivalguides.wordpress.com/2011/05/20/installing-openssh-5-8-centos-5-5/

I know, you have already followed up similar guide
0
 
LVL 1

Author Comment

by:Luke_fleming
ID: 37828223
I managed to build the RPM by following KeremE's instructions, now I have the three RPM's I need they wont install


-bash-3.2# rpm -Uvh *.rpm
error: Failed dependencies:
        openssh = 4.3p2-82.el5 is needed by (installed) openssh-askpass-4.3p2-82.el5.i386


I believe this is an update for OpenSSH 4.3p2
Obviously - this isnt available by doing yum update openssh....

Any ideas?

Thanks!
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37828284
I've already tried yum update openssh

But there are no updates for it on my version of Centos 5. So this takes me back to im pretty sure that there is no predefined binaried to upgrade openssh on CentOS 5 ? Anyone know of any others?

I don2t think it is possible to replace CentOS supplied OpenSSH over the existing repos. You'll either remove openssh and reinstall using yum after disabling base and updates libraries and enabling epel library. Or you'll need to compile it as I've suggested earlier.

Another option is to get all three rpms and install them manually.

Cheers,
K.
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37828297
that`s right, anyway I`d recommend you to upgrade whole OS, centos 5 is quite old
0
 
LVL 1

Author Comment

by:Luke_fleming
ID: 37828408
upgrading centOS 5 is a massive job though - especially we have to do it remotely.
I know this is the ideal situation.  Is there any good online guides? Maybe I can start planning it.

Thanks
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37828608
-bash-3.2# rpm -Uvh *.rpm
error: Failed dependencies:
        openssh = 4.3p2-82.el5 is needed by (installed) openssh-askpass-4.3p2-82.el5.i386


I believe this is an update for OpenSSH 4.3p2
Obviously - this isnt available by doing yum update openssh....

You'll first need to remove the existing OpenSSH askpass module.  Newly compiled rpms do not have a rpm for askpass and therefore it remains there. When it remains it would need the base openssh module. This is a clash. So first remove the SSH askpass module using this command:
rpm -ev openssh-askpass| 

Open in new window


Then do the install using rpms.

Cheers,
K.
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 500 total points
ID: 37828628
upgrading centOS 5 is a massive job though - especially we have to do it remotely.
I know this is the ideal situation.  Is there any good online guides? Maybe I can start planning it.

If all you need is just a new OpsnSSH upgrading the whole system to CentOS 6 is an overkill. CentOS 5 will have support for 1-2 years more so you can plan the upgrade for a later time.

for the time being removing the ask-pass module should do..

Cheers,
K.
0
 
LVL 1

Author Closing Comment

by:Luke_fleming
ID: 37829330
Amazing!
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

You ever wonder how to backup Linux system files just like Windows System Restore?  Well you can use Timeshift in Linux to perform those similar action.  This tutorial will show you how to backup your system files and keep regular intervals. Note…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Learn the basics of strings in Python: declaration, operations, indices, and slicing. Strings are declared with quotations; for example: s = "string": Strings are immutable.: Strings may be concatenated or multiplied using the addition and multiplic…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question