Solved

OpenSSL

Posted on 2014-04-15
7
320 Views
Last Modified: 2014-04-15
I want to know if I have an OppenSSL  shared object on my linux system

What is the precise name (and hopefully file size) of the .so I need to detect is on my system?
0
Comment
Question by:Anthony Lucia
  • 3
  • 2
  • 2
7 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 167 total points
ID: 40001632
Which linux distro?
For redhat, fedora, centos:
rpm -qa |grep -i openssl

OpenSSL is by default installed on most distro's, but the non-affected version of heart-bleed is 1.0.1g and above. http://en.wikipedia.org/wiki/Heartbleed_bug#Affected_OpenSSL_installations

I love points, but a lot of the questions you have can be answered by a few google searches, I'm glad you trust experts, but I bet quite a few of the questions can be solved with a few more searches perhaps.
-rich
0
 

Author Comment

by:Anthony Lucia
ID: 40001658
I did the following:

rpm -qa |grep -i openssl
pyOpenSSL-0.10-2.el6.x86_64
openssl-1.0.1e-16.el6_5.x86_64

So this looks like I am sfe, and I have a non-affected version

But after doing searches, I still do not know what the actual .so name of the shared object is.

Does any one know what the share object of OpenSSL is named ?
0
 
LVL 34

Assisted Solution

by:Seth Simmons
Seth Simmons earned 333 total points
ID: 40001662
you actually want to use ql with rpm instead of qa
qa will just show the package name while ql will show the associated files

rpm -ql | grep -i openssl

Open in new window

0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40001667
So this looks like I am sfe, and I have a non-affected version

the version you have is e which is affected
0
 

Author Comment

by:Anthony Lucia
ID: 40001710
Does any one know what the name of the share object of OpenSSL, or since it was installed with RPM, does this meant that there will not be a shared object
0
 
LVL 34

Assisted Solution

by:Seth Simmons
Seth Simmons earned 333 total points
ID: 40001772
look at the command options with rpm i posted before
it will list the files associated with the package(s)
on a RHEL 6.2 system i have here i see .so files in /usr/lib64/openssl/engines
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 40001774
You need to upgrade, "e" is lower than G so it was/is affected. upgrading to G (yum update openssl) should take care of it. But if not, you can find many RPM's for your distro, which I still don't know (redhat? CentOS? Fedora? other?)
The EL rpm's I think are RedHat/CentOS, so try updating using YUM

or manually compile:
cd /usr/src
wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz -O openssl-1.0.1g.tar.gz

tar -zxf openssl-1.0.1g.tar.gz
cd openssl-1.0.1g
./config
make
make test
make install

openssl version

If it shows old version do the steps below.

mv /usr/bin/openssl /root/
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

Open in new window

Some other tips here from redhat too
https://access.redhat.com/site/solutions/781793
-rich
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA blocks some https sites. 27 43
Cannot take ownership of a folder 8 43
Syslog-ng works. Now what? How to filter and manage? 8 63
Linux MD5 Hash 7 38
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question