[buug] Problems installing open-ssh

Rick Moen rick at linuxmafia.com
Thu Jul 20 12:18:36 PDT 2000 

begin  Zeke Krahlin quotation:

> So I downloaded openssl-0.9.5-1.i386.rpm, which link was provided in the
> page where I downloaded openssh: 
> 
>      http://ftp.jyu.fi/RPM/contrib/libc6/i386/openssh-1.2.3-1.i386.html 

I can't help noticing that that's from "contrib.redhat.com".
                                                ^^^^^^

It's really bad idea to assume that you can just install any old RPM
Intel binaries on any old RPM-based Intel distribution.  Not only does
that make failures such as you experienced happen quite often, but you
can also apparently seriously hose your system.

I once saw someone attempt to install Red Hat x86 RPMs for XFree86 on a
SuSE x86 system, and doing so messed up the system so badly that mere 
removal of the offending packages didn't suffice, and the user ended up
wiping the system and starting over.

I would guess that the URL above is a rpmfind.net mirror, yes?  That's
the closest pale imitation that Red Hat systems have of Debian's
distributed package system -- and I suppose it's useful, but you should
be really, really careful!

http://www.linux-mandrake.com/ auto-redirects to 
http://www.linux-mandrake.com/en/
The "free download" link goes to http://www.linux-mandrake.com/en/ftp.php3
which is the mirror-site list.

Let's pick a mirror site in Finland, so there'll be no possibility of 
idiocy with USA export laws, or crippled versions because of the RSA
patent that expires in three months:
ftp://ftp.clinet.fi/mirrors/ftp.linux-mandrake.com/

...and hunt around for a good long while, and not find it.

You know, this is the sort of thing that really pisses me off.  Those
little weasels at the NSA have managed to browbeat even a _French_ Linux
distribution into shipping without effective crypto.  One of these days,
I may just walk up to the gates of Fort Meade and present them with a
bill for all my wasted time.

Search the engine on the front page of the Web site for "OpenSSH" and
"SSH".  Come up dry.  Bah.  Losers!

Oh, wait.  The front page, under "Misc", has a link called "Crypto
apps", taking you to http://www.linux-mandrake.com/en/fcrypto.php3 .

It directs you to nine non-USA sites.  Let's pick the one in Sweden:
ftp://ftp.sunet.se/pub/Linux/distributions/mandrake-crypto/

Whoo-hoo!  In the "RPMS" directory, we find:

  depslist-crypto                                        1 Kb    Wed Jun
14 16:35:00 2000 
  gnupg-1.0.1-2mdk.i586.rpm                            532 Kb    Wed Apr
26 07:03:00 2000 
  hdlist-crypto.cz2                                     26 Kb    Wed Jun
14 16:35:00 2000 
  kdebase-crypto-1.91-0.20000718mdk.i586.rpm            29 Kb    Mon Jul
17 23:05:00 2000 
  kdelibs-crypto-1.91-0.20000718mdk.i586.rpm            50 Kb    Mon Jul
17 23:05:00 2000 
  lynx-ssl-2.8.3-1mdk.i586.rpm                         851 Kb    Wed Apr
26 07:03:00 2000 
  mod_ssl-2.6.4-1mdk.i586.rpm                          357 Kb    Mon May
8 13:07:00 2000 
  mod_ssl-sxnet-2.6.4-1mdk.i586.rpm                     19 Kb    Mon May
8 13:07:00 2000 
  netscape-128-common-4.73-7mdk.i586.rpm              6617 Kb    Sun Jul
16 15:35:00 2000 
  netscape-128-communicator-4.73-7mdk.i586.rpm        5626 Kb    Sun Jul
16 15:35:00 2000 
  netscape-128-navigator-4.73-7mdk.i586.rpm           3087 Kb    Sun Jul
16 15:35:00 2000 
  openssh-2.1.1p3-1mdk.i586.rpm                         86 Kb    Thu Jul
13 05:35:00 2000 
  openssh-askpass-2.1.1p3-1mdk.i586.rpm                 20 Kb    Thu Jul
13 05:35:00 2000 
  openssh-clients-2.1.1p3-1mdk.i586.rpm                121 Kb    Thu Jul
13 05:35:00 2000 
  openssh-server-2.1.1p3-1mdk.i586.rpm                 101 Kb    Thu Jul
13 05:33:00 2000 
  openssl-0.9.5a-3mdk.i586.rpm                         561 Kb    Fri May
26 10:00:00 2000 
  openssl-devel-0.9.5a-3mdk.i586.rpm                  1041 Kb    Fri May
26 10:00:00 2000 
  pgp-6.5.1b2i-3mdk.i586.rpm                           529 Kb    Mon Jun
5 12:25:00 2000 
  pgpgpg-0.13-2mdk.i586.rpm                             23 Kb    Wed Apr
26 07:06:00 2000 
  sftp-0.7-3mdk.i586.rpm                                20 Kb    Wed Apr
26 07:06:00 2000 
  unzip_crypt-5.12-1mdk.i586.rpm                       112 Kb    Tue May
9 15:44:00 2000 

You know something?  I'd get all of those.  All.

> Wasn't it supposed to install a binary file "ssh" in folder "/etc"?

Arrgh!  No!  No!!!
Never ever ever.

Boy, do _YOU_ need to read the Filesystem Hierarchy Standard.  No,
binaries never ever go in /etc.  That tree is for configuration files.

Zeke, if you're going to configure users' systems for them and fulfill
the role of sysadmin, you _must_ study Unix and learn its internal
logic.  You simply must.  Otherwise, your whole scheme for configuration
and user support fails at its central point.

I'm telling you, and I know this is awfully blunt:  Stop wasting your
time with Que books.  Learn how this stuff works, so you can do your
clients justice.

The FHS document's current version (2.1) can be found at 
http://www.pathname.com/fhs/pub/ , but only in PDF format.  (What's up
with that, Dan?  Have you gone pointy-haired and stupid on us?)  The
immediately prior version (2.0), which is almost identical, is always
available in HTML as a link from http://www.pathname.com/fhs/ .

Please browse it.  You don't have to follow it in all of its gruesome
and bureaucratic detail; just get the gist of its key points and
distinctions.

By the way, if you need access to SSH clients for _any_ platform, I 
maintain the most comprehensive list anywhere in the world that I
(and the SSH mailing list) know of:

http://linuxmafia.com/pub/linux/security/ssh-clients

-- 
Cheers,                              "Open your present...."
Rick Moen                            "No, you open your present...."
rick (at) linuxmafia.com             Kaczinski Christmas.
               --  Unabomber Haiku Contest, CyberLaw mailing list

More information about the buug mailing list