[buug] Problems installing open-ssh
Rick Moen
rick at linuxmafia.com
Thu Jul 20 12:18:36 PDT 2000
begin Zeke Krahlin quotation:
> So I downloaded openssl-0.9.5-1.i386.rpm, which link was provided in the
> page where I downloaded openssh:
>
> http://ftp.jyu.fi/RPM/contrib/libc6/i386/openssh-1.2.3-1.i386.html
I can't help noticing that that's from "contrib.redhat.com".
^^^^^^
It's really bad idea to assume that you can just install any old RPM
Intel binaries on any old RPM-based Intel distribution. Not only does
that make failures such as you experienced happen quite often, but you
can also apparently seriously hose your system.
I once saw someone attempt to install Red Hat x86 RPMs for XFree86 on a
SuSE x86 system, and doing so messed up the system so badly that mere
removal of the offending packages didn't suffice, and the user ended up
wiping the system and starting over.
I would guess that the URL above is a rpmfind.net mirror, yes? That's
the closest pale imitation that Red Hat systems have of Debian's
distributed package system -- and I suppose it's useful, but you should
be really, really careful!
http://www.linux-mandrake.com/ auto-redirects to
http://www.linux-mandrake.com/en/
The "free download" link goes to http://www.linux-mandrake.com/en/ftp.php3
which is the mirror-site list.
Let's pick a mirror site in Finland, so there'll be no possibility of
idiocy with USA export laws, or crippled versions because of the RSA
patent that expires in three months:
ftp://ftp.clinet.fi/mirrors/ftp.linux-mandrake.com/
...and hunt around for a good long while, and not find it.
You know, this is the sort of thing that really pisses me off. Those
little weasels at the NSA have managed to browbeat even a _French_ Linux
distribution into shipping without effective crypto. One of these days,
I may just walk up to the gates of Fort Meade and present them with a
bill for all my wasted time.
Search the engine on the front page of the Web site for "OpenSSH" and
"SSH". Come up dry. Bah. Losers!
Oh, wait. The front page, under "Misc", has a link called "Crypto
apps", taking you to http://www.linux-mandrake.com/en/fcrypto.php3 .
It directs you to nine non-USA sites. Let's pick the one in Sweden:
ftp://ftp.sunet.se/pub/Linux/distributions/mandrake-crypto/
Whoo-hoo! In the "RPMS" directory, we find:
depslist-crypto 1 Kb Wed Jun
14 16:35:00 2000
gnupg-1.0.1-2mdk.i586.rpm 532 Kb Wed Apr
26 07:03:00 2000
hdlist-crypto.cz2 26 Kb Wed Jun
14 16:35:00 2000
kdebase-crypto-1.91-0.20000718mdk.i586.rpm 29 Kb Mon Jul
17 23:05:00 2000
kdelibs-crypto-1.91-0.20000718mdk.i586.rpm 50 Kb Mon Jul
17 23:05:00 2000
lynx-ssl-2.8.3-1mdk.i586.rpm 851 Kb Wed Apr
26 07:03:00 2000
mod_ssl-2.6.4-1mdk.i586.rpm 357 Kb Mon May
8 13:07:00 2000
mod_ssl-sxnet-2.6.4-1mdk.i586.rpm 19 Kb Mon May
8 13:07:00 2000
netscape-128-common-4.73-7mdk.i586.rpm 6617 Kb Sun Jul
16 15:35:00 2000
netscape-128-communicator-4.73-7mdk.i586.rpm 5626 Kb Sun Jul
16 15:35:00 2000
netscape-128-navigator-4.73-7mdk.i586.rpm 3087 Kb Sun Jul
16 15:35:00 2000
openssh-2.1.1p3-1mdk.i586.rpm 86 Kb Thu Jul
13 05:35:00 2000
openssh-askpass-2.1.1p3-1mdk.i586.rpm 20 Kb Thu Jul
13 05:35:00 2000
openssh-clients-2.1.1p3-1mdk.i586.rpm 121 Kb Thu Jul
13 05:35:00 2000
openssh-server-2.1.1p3-1mdk.i586.rpm 101 Kb Thu Jul
13 05:33:00 2000
openssl-0.9.5a-3mdk.i586.rpm 561 Kb Fri May
26 10:00:00 2000
openssl-devel-0.9.5a-3mdk.i586.rpm 1041 Kb Fri May
26 10:00:00 2000
pgp-6.5.1b2i-3mdk.i586.rpm 529 Kb Mon Jun
5 12:25:00 2000
pgpgpg-0.13-2mdk.i586.rpm 23 Kb Wed Apr
26 07:06:00 2000
sftp-0.7-3mdk.i586.rpm 20 Kb Wed Apr
26 07:06:00 2000
unzip_crypt-5.12-1mdk.i586.rpm 112 Kb Tue May
9 15:44:00 2000
You know something? I'd get all of those. All.
> Wasn't it supposed to install a binary file "ssh" in folder "/etc"?
Arrgh! No! No!!!
Never ever ever.
Boy, do _YOU_ need to read the Filesystem Hierarchy Standard. No,
binaries never ever go in /etc. That tree is for configuration files.
Zeke, if you're going to configure users' systems for them and fulfill
the role of sysadmin, you _must_ study Unix and learn its internal
logic. You simply must. Otherwise, your whole scheme for configuration
and user support fails at its central point.
I'm telling you, and I know this is awfully blunt: Stop wasting your
time with Que books. Learn how this stuff works, so you can do your
clients justice.
The FHS document's current version (2.1) can be found at
http://www.pathname.com/fhs/pub/ , but only in PDF format. (What's up
with that, Dan? Have you gone pointy-haired and stupid on us?) The
immediately prior version (2.0), which is almost identical, is always
available in HTML as a link from http://www.pathname.com/fhs/ .
Please browse it. You don't have to follow it in all of its gruesome
and bureaucratic detail; just get the gist of its key points and
distinctions.
By the way, if you need access to SSH clients for _any_ platform, I
maintain the most comprehensive list anywhere in the world that I
(and the SSH mailing list) know of:
http://linuxmafia.com/pub/linux/security/ssh-clients
--
Cheers, "Open your present...."
Rick Moen "No, you open your present...."
rick (at) linuxmafia.com Kaczinski Christmas.
-- Unabomber Haiku Contest, CyberLaw mailing list
More information about the buug
mailing list