I previously replaced openssl on my centos box with openssl10, using something like these instructions:
rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/CentOS/6/...
...x86_64/ius-release-1.0-11.ius.centos6.noarch.rpm
yum install yum-plugin-replace
# Edit /etc/yum.repos.d/ius-archive.repo and
# enable the ius-archive repo by changing enabled=0 to enabled=1.
yum replace openssl --replace-with openssl10
Then when I do a general yum update
I get errors because of openssl, so instead I do:
yum update -x openssl -x postfix
This seems to work fine, but in actual fact, I can no longer reconnect over ssh to the box:
me@local $ ssh -S none root@the_server
ssh_exchange_identification: Connection closed by remote host
Any ideas on how to recover from this situation?
Edit:
When I run sshd
on the server (I still have an open connection), I get the following error:
ssh: relocation error: ssh: symbol SSLeay_version, version OPENSSL_1.0.1
not defined in file libcrypto.so.10 with link time reference
Best Answer
There has been a bug when using IUS repositories and using it to replace
openssl
withopenssl10
and then trying to upgrade to CentOS 6.5.Basically what you have to do is go back to the stock
openssl
- which now is anyway on version 1.0.1:Use of
openssl10
is unnecessary now and unsupported.That is also why it is only available in the archive repo.
For more information see: https://lists.launchpad.net/ius-community/msg00807.html and https://bugs.launchpad.net/ius/+bug/1034961/comments/60