[buug] Problems installing open-ssh

Rick Moen rick at linuxmafia.com
Fri Jul 21 02:12:56 PDT 2000 

begin Zeke Krahlin quotation:

> I had *no idea. I was led to believe that Mandrake was totally
> compatible with RPM installations. I have *not come across any such
> warning in the several Linux books I have finished reading. Thanks for
> the warning, I appreciate this.

Yeah, there's a _lot_ of crucial facts omitted from those Linux books.  
My favourite example of something always omitted is how to have a safety
fallback boot image in your lilo configuration.  This trick gets omitted
because the books essentially give no thought to admins compiling their
own kernels.  Therefore, when, inevitably, admins get around to playing
with new kernels (either ones they compile or pre-packaged ones), they
get in trouble and end up with unbootable systems, because nobody's held
their hands and said "Here:  You'll want this trick in place, _because_ 
sooner or later you're going to want to play with replacement kernels, 
and you'll want a way to recover when (not "if") you paint yourself into
a corner with a new kernel that doesn't successfully boot your system.

Here's linuxmafia.com's /etc/lilo.conf:

boot=/dev/sda
root=/dev/sda2
install=/boot/boot.b
map=/boot/map
vga=normal
delay=20
default=linux
image=/boot/vmlinuz
        label=linux
	read-only
image=/boot/vmlinuz-old
	label=linux-old
	read-only

The first paragraph (label=linux), the default, is the one I use for any
new, candidate kernels I _think_ ought to work, and would like to test.
The second paragraph (label=linux-old) is used for a known-good kernel
that I'll be able to boot, if the first paragraph's kernel turns out to
be a dud.

The two "image=" filenames are actually symlinks, which at any given
time I point to the two kernel images in /boot that I want to use.
This way, I never have to edit /etc/lilo.conf at all, just the symlinks
in /boot.   For that matter, /boot is on a partition I ordinarily don't
even have mounted.  I mount it temporarily, only when I need to update
lilo's bootable information by running the lilo "compiler", /sbin/lilo.

For lack of the above trick, large numbers of novice Linux sysadmins end
up blowing away and reloading their systems in frustration, the first
time they experiment with replacement kernels and have them fail to
boot.

> Okay, I FTP'd them all in one fell swoop...except those three large
> Netscape files, as I'm already updated to version 4.73.

The only advantage of the strong-crypto version is that it does 128-bit
SSL.  The regular version people tend to use is limited to 40 bits, at
the behest of the USA spook community.
 
> But according to the documentation, there is supposed to be an "ssh"
> binary, as the secure-shell client.

Ja.  You should consider just removing the rpms using the package
utility, since heavens knows what you have.

> I only have one Que book...but no Linux book I have, discusses installing
> and running secure shell (including "Running Linux")

Quite right -- and a scandal that is, too.  In light of which, I'm even
more glad to have provided the URLs I did, earlier.  You will also find
links to some more good articles inside my ssh-clients file, referenced
earlier.

-- 
Cheers,                              "Open your present...."
Rick Moen                            "No, you open your present...."
rick (at) linuxmafia.com             Kaczinski Christmas.
               --  Unabomber Haiku Contest, CyberLaw mailing list

More information about the buug mailing list