Linux – Repairing replaced OpenSSL installation

I previously replaced openssl on my centos box with openssl10, using something like these instructions:

rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/CentOS/6/...
     ...x86_64/ius-release-1.0-11.ius.centos6.noarch.rpm
yum install yum-plugin-replace
# Edit /etc/yum.repos.d/ius-archive.repo and 
# enable the ius-archive repo by changing enabled=0 to enabled=1.
yum replace openssl --replace-with openssl10

Then when I do a general yum update I get errors because of openssl, so instead I do:

yum update -x openssl -x postfix

This seems to work fine, but in actual fact, I can no longer reconnect over ssh to the box:

me@local $ ssh -S none root@the_server
ssh_exchange_identification: Connection closed by remote host

Any ideas on how to recover from this situation?

Edit:
When I run sshd on the server (I still have an open connection), I get the following error:

ssh: relocation error: ssh: symbol SSLeay_version, version OPENSSL_1.0.1 
    not defined in file libcrypto.so.10 with link time reference

Best Answer

There has been a bug when using IUS repositories and using it to replace openssl with openssl10 and then trying to upgrade to CentOS 6.5.

Basically what you have to do is go back to the stock openssl - which now is anyway on version 1.0.1:

yum replace openssl10 --replace-with openssl

Use of openssl10 is unnecessary now and unsupported.
That is also why it is only available in the archive repo.

For more information see: https://lists.launchpad.net/ius-community/msg00807.html and https://bugs.launchpad.net/ius/+bug/1034961/comments/60

Best Answer

Related Solutions

Linux – OpenSSL 0.9.8k or higher on CentOS 5

Redhat | Openssl installation error

Related Topic