Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

OpenSSL

Posted on 2014-04-15
7
Medium Priority
?
329 Views
Last Modified: 2014-04-15
I want to know if I have an OppenSSL  shared object on my linux system

What is the precise name (and hopefully file size) of the .so I need to detect is on my system?
0
Comment
Question by:Anthony Lucia
  • 3
  • 2
  • 2
7 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 668 total points
ID: 40001632
Which linux distro?
For redhat, fedora, centos:
rpm -qa |grep -i openssl

OpenSSL is by default installed on most distro's, but the non-affected version of heart-bleed is 1.0.1g and above. http://en.wikipedia.org/wiki/Heartbleed_bug#Affected_OpenSSL_installations

I love points, but a lot of the questions you have can be answered by a few google searches, I'm glad you trust experts, but I bet quite a few of the questions can be solved with a few more searches perhaps.
-rich
0
 

Author Comment

by:Anthony Lucia
ID: 40001658
I did the following:

rpm -qa |grep -i openssl
pyOpenSSL-0.10-2.el6.x86_64
openssl-1.0.1e-16.el6_5.x86_64

So this looks like I am sfe, and I have a non-affected version

But after doing searches, I still do not know what the actual .so name of the shared object is.

Does any one know what the share object of OpenSSL is named ?
0
 
LVL 36

Assisted Solution

by:Seth Simmons
Seth Simmons earned 1332 total points
ID: 40001662
you actually want to use ql with rpm instead of qa
qa will just show the package name while ql will show the associated files

rpm -ql | grep -i openssl

Open in new window

0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 36

Expert Comment

by:Seth Simmons
ID: 40001667
So this looks like I am sfe, and I have a non-affected version

the version you have is e which is affected
0
 

Author Comment

by:Anthony Lucia
ID: 40001710
Does any one know what the name of the share object of OpenSSL, or since it was installed with RPM, does this meant that there will not be a shared object
0
 
LVL 36

Assisted Solution

by:Seth Simmons
Seth Simmons earned 1332 total points
ID: 40001772
look at the command options with rpm i posted before
it will list the files associated with the package(s)
on a RHEL 6.2 system i have here i see .so files in /usr/lib64/openssl/engines
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 40001774
You need to upgrade, "e" is lower than G so it was/is affected. upgrading to G (yum update openssl) should take care of it. But if not, you can find many RPM's for your distro, which I still don't know (redhat? CentOS? Fedora? other?)
The EL rpm's I think are RedHat/CentOS, so try updating using YUM

or manually compile:
cd /usr/src
wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz -O openssl-1.0.1g.tar.gz

tar -zxf openssl-1.0.1g.tar.gz
cd openssl-1.0.1g
./config
make
make test
make install

openssl version

If it shows old version do the steps below.

mv /usr/bin/openssl /root/
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

Open in new window

Some other tips here from redhat too
https://access.redhat.com/site/solutions/781793
-rich
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
Experts Exchange expands question security options for members.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question