Software :: Getting Most Secure Version Of Openssl On CentOS 5 Via Yum
Jan 29, 2011
I've recently migrated an unlicensed RHEL5 box to CentOS 5 in order to get the system patched, and yum is telling me that openssl 0.9.8e is the up-to-date version. But that version is over two years old. I know I can install the newest openssl by using the rpm and I also know how to install from the tarball, but I'm trying to avoid both methods because I prefer the automated dependency handling of yum.
My question is SHOULD I be expecting yum to see openssl 0.9.8q when I run 'yum update openssl'?
If so, I'll be happy to reinvestigate my configuration for problems. I'm currently just using the default CentOS repositories.
If it's a case where anything beyond 0.9.8e simply hasn't been included from upstream, and I need to install it manually, that's fine. I'm just trying to get a handle on my expectations. I've been pouring through google and forums and looking for documentation for weeks, but there's so much that it's definitely possible I've overlooked it.
View 4 Replies
ADVERTISEMENT
Apr 19, 2010
Platform RHEL 4 Update 8.I have installen the 0.9.8m version of openSSL on the workstation with the existing version of openSSH that comes with the Operating System. When doing a secure shell connection with the following command:ssh -vvv 131.98.37.7.the output shows that it is refrencing the older version of openssl 0.9.7a.why is the openSSH still refrencing the older version of openSSL.
View 2 Replies
View Related
May 16, 2009
I just can't figure out how to enable openssl on my server. I've searched around on the web but have come upon dead ends. I recently became the admin to a server of a new company, the previous admin installed everything on this server. The server has php running which was installed thru yum I believe. And so was OpenSSL. Recently though I've been ordered to configure a online sales software. So I started investigating what I would need. I know I need OpenSSL, a certificate which should be bought, etc.
I met the dreaded dead ends when I came upon knowledge that I had to make OpenSSL work with PHP. Ok so I got to work. I found out that I needed an extension enabled in php. And the only way (that I've read so far) is thru compiling PHP with the command --with-openssl-dir=path. The problem is that I've compiled many times now and see no change in the phpinfo file. Can the extension be enabled (--with-openssl-dir=path) even after the php and openssl have been installed thru yum? I'm also new to linux
View 5 Replies
View Related
May 18, 2010
I installed the aMSN 0.96 from yum install When I try to loggin, the aMSN required installation TLS module I selected Linux-x86_64, because I am using a IBM T400 notebook computer but the system replys: Installatiom TLS module error: Couldn't get [URL] So I went to the [URL] and downloaded the tls1.6-src.tar.gz But when I configure it. the system says: configure: error: bad ssl-dir: cannot find openssl/opensslv.h under /usr/include
Then I try to using yum to install openssl
The system replies:
[root@localhost tls1.6]# yum install openssl
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
[Code].....
View 3 Replies
View Related
Sep 27, 2010
I recently just installed centos, but it appears that when I installed it v 0.9.8e was installed consequently, all the lib's etc. are /lib/libssl.so.0.9.8e instead of an ordinary /lib/libssl.so.0.9.8 etc. and this is causing some problems for me, as programs are looking for /lib/libssl.so.0.9.8, and even if i symlink/copy/move /lib/libssl.so.0.9.8e to /lib/libssl.so.0.9.8 there are still some errors occurring. I had been reading that supposedly yum is meant to have a "yum downgrade" option, however it doesn't appear to be recognised when I run it on my centos server.
View 2 Replies
View Related
Jun 26, 2011
I find my self abit stuck upgrading OpenSSL to the latest version. The situation is that i've been running LAMP servers just fine by installing the web services from the repositories AND the web services from source. However im now in the process of making a PCI-DSS compliant server LAMP server. I've just had the vulnerability scan report back and its failed due to the OpenSSL having vulnerabilities and it tells me I must upgraded to version higher 1.0.0d.
I've basically spent hours and hours trying to get this working along with research but I dont seem to be having much luck with this one
Im using a fresh install of CentOS and trying to create a RPM using the source code and rpmbuild, I read this was the best way I read, and this is my first time using rpmbuild.
Code:
yum -y install rpm-build make gcc gcc-c++ perl mlocate
cd /usr/src/
wget http://www.openssl.org/source/openssl-1.0.0d.tar.gz
updatedb
tar -zxf openssl-1.0.0d.tar.gz openssl.spec
[Code].....
View 11 Replies
View Related
Jul 4, 2010
what is the postfix version comes with CentOSPlus repository for centos 5.4
View 2 Replies
View Related
Dec 23, 2010
How to Centos 5.5 very secure for mail server. how to its performance very fast.
View 2 Replies
View Related
Mar 13, 2009
Until recently the secure log was working as expected, then suddenly it has stopped logging. No changes made that I'm aware of, though automatic updates via yum are occurring. I'm assuming this is all logged through klogd, which is running.
Not overly familiar with Linux logging, where should I be looking for problems?
View 4 Replies
View Related
Dec 1, 2010
I'm an Oracle DBA and started working for my current employer about 4 months ago. This past weekend an alert re: FS space brought my attention to /var/spool/clientmqueue (full of mail re: cron jobs) and the fact that sendmail is not running on our Linux servers.I'm told that the IT security team deemed sendmail too vulnerable so we don't run it.Aside from FS filling up and missing notification of issues with crontab entries, I'm concerned that we may be missing notification of potential issues. In other Unix/Linux environments I've seen emails from the print daemon when it experienced problems with specific jobs.
Are there other Linux facilities aside from cron and lpd that use email to advise the users of possible issues? Are there ways to secure sendmail or secure alternatives to sendmail? My primary need/desire is to make sure that emails regarding issues on the server get to the appropriate users. Secondary goal would be to have the ability to use mailx to send mail out. There is No need/desire to receive mail from outside.
View 1 Replies
View Related
Nov 2, 2010
I am running WHM and CPANEL on centos.I would like to upload a file to the root user directory. To be honest, my only experience uploading and downloading files with FTP has been with domain related accounts that were set up under WHM to be managed under CPANEL. This is quite simple, because all you do is set FileZilla or Dreamweaver up with the FTP address of the domain account and the username and password.How can I do something similar to FTP a file into the root or home directory?
View 1 Replies
View Related
Apr 16, 2011
The server I'm running is virtually stock CentOS - it's running on a xen virtual host, started as CentOS 5.1 (32 bit) when that was fresh, it's at 5.5 now and updated nightly. All packages except postgresql and php are from CentOS and EPEL.
I'm running dovecot on it, and for long time, squirrelmail connecting via localhost was good enough. All external ports were firewalled by the CentOS firewall (just 25,80,443,custom ssh are currently open).
Now I need to allow an external imap client to connect.
I have generated ssl key and configured the dovecot configuration and it should be good to go, but gosh dangit, I can't remember how to open the port in the configuration.
I did it before when I set up ssh to run on a non standard port after I got sick of constant brute force attack on port 22, but I can't recall what I did and the various tutorials I find online all tell how to do it with the GUI tool, but I don't have any GUI stuff installed.
system-config-securitylevel-tui
Is I'm pretty sure what I used to open up my custom > 1024 ssh port, but I can't remember how I used it to open that port and it doesn't seem intuitive. Also, do I need to use 993? I'd almost rather use something custom above 1024, as long as thunderbird supports it (don't care about any other mail client)
Finally, my smtp server is postfix and port 25 is already open (but not an open relay, I check it about every 3 months). For requests to send mail from a client, I would really like some authentication of some type - as in only relays for IP addresses that have recently successfully logged in the secure imap port.
View 3 Replies
View Related
Jul 10, 2009
I am trying to write a simple client that opens a secure connection. My intent is to use the OpenSSL library.
I am following this tutorial: [URL]... The tutorial mentions that I need a trust certificate store called TrustStore.pem. However, I can't find that on my machine. Is there a way to generate it? I separately downloaded the source from the OpenSSL website. The source distribution doesn't have it either. There is a whole bunch of .pem files. Can I use any one of them?
View 2 Replies
View Related
Nov 27, 2009
I'm confused about the sendmail/ssl combination. so confused, i'm not even sure what i'm confused about :) I want to have email sent from our server to the rest of the world in a 'secure' manner. Just dl'ed and installed CentOS5.4: Linux rh5 2.6.18-164.el5xen #1 SMP Thu Sep 3 04:03:03 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux the /etc/mail/sendmail.mc has the instructions
[Code]...
View 2 Replies
View Related
Jul 8, 2009
I've installed CentOS 5.3 on a machine, and I need a Samba version 3.2 or higher. Since 3.4 is out, I thought I'd grab that. But, "yum list|grep samba" gives me only version 3.0.33. Is there a package of Samba I can grab that will upgrade the 3.0 installation so that I don't have two laying around? If not and I need to compile from source, do you have any suggestions for what arguments I should give configure? I'm not used to Linux coming from the BSD world
View 1 Replies
View Related
Oct 29, 2010
I'm quite new to Linux/CentOS. I installed LAMP from official CentOS repositories and I'm wondering why the PHP (5.1.6) or MySQL (5.0.77) versions are so old. Why there is now the latest versions available.
Is it recommended to use these versions or should I update to the newest one - if so could you plesae provide me some links to official repositories&tutorials.
View 2 Replies
View Related
Mar 10, 2010
As I use a (CentOS) Linux computer and a Windows XP PC side by side, I decided to install Synergy, a software to use one computer's mouse and keyboard on neighboring computers too.However, Add/Remove Software installed Synergy Plus 1.3.4-1 instead. That mostly works... Except there's a known bug on Synergy, see bug 2955158: if you use Synergy Server on CentOS to control the Windows computer, as soon as you touch the keyboard when focus is in Windows, it freezes. (I can still ssh into CentOS, but its GUI is unusable.)
Well, Synergy-Plus 1.3.4 inherited that bug. That makes it, for that purpose, useless.So I uninstalled Synergy-Plus and tried to install the lower version, Synergy 1.3.1-7, as per the recommendation in the comment on that bug report, except: I ended up with Synergy-Plus 1.3.4 again.I tried again from the command line, using yum, to no avail: yum told me Synergy 1.3.1-7 was obsolete and replaced by Synergy-Plus.I had to exclude Synergy-Plus from installation with yum, with "-x 'synergy-plus-*'", to finally get Synergy 1.3.1-7.
There, I don't have this problem. I do think that making people upgrade to Synergy-Plus 1.3.4 is a mistake.It's still not perfect. With Windows as the Synergy server (and using the Windows keyboard), if I try to type a ">" (on an AZERTY keyboard), it types "�" instead); and I seem to have an issue to copy text from Windows into CentOS.With the roles swapped, using CentOS as the Synergy server and with the CentOS keyboard, I can copy from Windows. I'm still not sure what is the cause of this.
View 2 Replies
View Related
Jul 6, 2010
I managed to install xdebug from pecl, using the php-pear package from Centos base.
However, when trying to install PHPUnit i get an error saying I need at least PEAR >= 1.8.x
Has anyone managed to get a later version of PEAR running on Centos please?
View 1 Replies
View Related
Aug 18, 2010
I've had two centos smtp relays setup since 5.1, and it seems every day there are updates, and about every 3 months new minor releases.Is there a way to "lock" to a minor release version of centos? I use yum update to run updates, is that the correct process?
View 2 Replies
View Related
Nov 29, 2009
By the way, is there a step by step guide to install XFS file system and other related components on CENTOS 5.3,
View 2 Replies
View Related
Jul 31, 2009
I have Centos 5.3 on our server When I log-in in webmin I have a message "Warning - Your system is actually running CentOS Linux version 5.3." In the next line I have a button "Update Detected Operating System" My question is Do I need to click the link and update Detected operating system? If I do, is it going to change any configuration on our server?
View 2 Replies
View Related
Jul 22, 2010
I am new to being a sys-admin and Linux and UNIX. And I was wondering how can I tell what version of centos I have?
View 4 Replies
View Related
Mar 7, 2009
I'm looking for a PDF Printer for centos 5.2. I found something on a way to use CUPS for a PDF Printer for linux, but so far only ones I see out there are the (my version centos 5.2, i386) 4.3 i386. Dose any one know a different way to get a PDF Printer for centos. My uses for it is just to turn a website page into a PDF format for offline viewing.
View 7 Replies
View Related
Mar 13, 2009
I need to upgrade from xen-3.0.3-64.el5_2.9 which includes xen 3.1 to something that includes >= xen 3.2
1. what happened to xen-3.0.3-64.el5_2.9 and
2. where I can get an rpm for a x86_64 box with a xen version >= 3.2?
View 1 Replies
View Related
Aug 3, 2009
My server's manufaturer (supermicro) only provides RAID drivers for certain RHEL (CentOS) releases, 4.4, 5.2 and 5.9 are presently available. An accidental yum update recently took the server from CentOS 4.4 to 4.7, and abandoned the RAID driver. My choces are to reload 4.4 or go to 5.2. Since I will probably do the latter, is there a way to have yum just update within the distro, and not the distro version? Can someone ID the rpms I could exclude to be sure that the OS version remains static?
View 3 Replies
View Related
Jun 11, 2010
I am not sure if this was posted (search did not return any related results) but I am getting tagged for this version of ssh - SSH-2.0-OpenSSH_4.3. Where can I find 4.4 or above for CentOS?
View 1 Replies
View Related
Apr 5, 2011
What's the cli command to check mod ssl version?
I'm running Centos 5.3
View 2 Replies
View Related
Apr 17, 2011
i just noticed a bunch of installed i386 rpms on my freshly created x86_64 v.guest.Several questions:
1. why ?
2. how to replace with appropriate x86-64 version?
3. can i find out from which repo the rpm was installed?
View 3 Replies
View Related
Aug 15, 2011
How can I upgrade php version to 5.3 on CentOS 5.6 My current php version is 4.4.9. I want 5.3.
View 7 Replies
View Related
Oct 9, 2010
i'm currently running centos 5 with kernel version 2.6.18-92.1.22.el5 is there any way to update to kernel version >= 2.6.27 via yum ? if not via yum is it advisable to compile from source?
View 5 Replies
View Related
