Warning: technical content ahoy!
Here’s a handy shell hack I use to update openssh/openssl on various machine under my care. Further hacks could be made to determine the latest version numbers of the ssl/ssh to fetch. Become one with the primative shell hacking vestiges in your modern Perl brain, oh Perlescent Brethren!
build=/tmp dest=/opt lynx=/usr/bin/lynx wget=/usr/bin/wget
ssl_url=”http://www.openssl.org/source/openssl-0.9.7g.tar.gz”
ssh_url=”ftp://ftp.tux.org/bsd/openbsd/OpenSSH/portable/openssh-4.0p1.tar.gz”
ssl_version=basename $ssl_url ".tar.gz"
ssh_version=basename $ssh_url ".tar.gz"
ssl_dir=”$build/$ssl_version”
ssh_dir=”$build/$ssh_version”
cd $build;
echo “Finding $ssl_version and $ssh_version…”;
if [ -e $wget ];
then
for url in $ssl_url $ssh_url;
do
file=basename $url
if [ -e $file ] ;
then
echo “Using existing $file”;
else
echo $wget $url
fi
done;
else if [ -e $lynx ]; then
for url in $ssl_url $ssh_url;
do
file=`basename $url`
if [ -e $file ] ;
then
echo "Using existing $file";
else
echo `$lynx -source $url > $file`
fi
done;
else
echo "Oops. No URL fetchers!";
exit 1;
fi
fi
# unpacking
echo “Unpacking archives”;
tar xzvf basename $ssl_url
;
tar xzvf basename $ssh_url
;
echo “Cleaning”; cd $ssl_dir && make clean; cd $ssh_dir && make clean;
echo “Building SSL”; # build ssl first; sshd depends on it cd $ssl_dir && ./config —prefix=$dest && make install
echo “Building SSH”; cd $ssh_dir && ./configure —prefix=$dest —with-ssl=$dest \ —with-sysconfig=/usr/local/etc && make install
# adjust ? if [ -e “/etc/rc.d/init.d/sshd” ]; then echo “You may need to adjust your sshd” fi