[CentOS] mismatch in openssh latest rpm available at centos

Thu Mar 29 14:56:57 UTC 2012
m.roth at 5-cent.us <m.roth at 5-cent.us>

Johnny Hughes wrote:
> On 03/28/2012 08:05 PM, Vinay Nagrik wrote:
>> The latest rpm in openssh is 5.8, however, the corresponding latest rpm
>> available in centos 5.7  is only
>> openssh-4.3p2-72.el5_6.3.x86_64.rpm
>> and in 6.0 centos is
>> openssh-5.3p1-20.el6.x86_64.rpm
>> I have following questions.
>> 1. I want to start from src.rpm and where can I get the src.rpm for
>> openssh-5.3p1-20.el6.x86_64.rpm.
>> 2. Can I install openssh-5.3p1-20.el6.x86_64.rpm SAFELY with 5.7 centos
>> without causing any problems.
> If you rebuild it, if it rebuilds, and if you rebuild anything that
> depends on the old one, then yes.  It may not build without newer
> "buildrequires" being met though.  And now, every time there is an
> upgrade, you have to remember to get the new one and rebuild again.  You
> also have to track any changes of the new "buildrequires" that you had
> to build.
>> 3. Which of these two rpms will be most compatible with latest openssh
>> rpm version 5.8.
> If you rebuild a new ssh, you will also have to rebuild any packages
> that are built against the old openssh against the new openssh.
> If you are concerned about security ... that is the whole purpose of
> enterprise linux ... it backports security patches for 10 years while
> maintaining consistent APIs/ABIs.
> If you want the latest packages on your machine, then you want Fedora
> and not CentOS.

Well... I can see it. We had to build a newer package for 5.x, because we
*had* to have PIV-II/pkcs11 support. That's *just* come in with 6.2, to be
able to log in with a smart card. Even so, there's a bug/enhancement (and
my manager has this in w/ Redhat, and it's been escalated) needed, that it
insists on showing the userlist of recent logins.