Ssh – How to update OpenSSL using Putty and yum command

opensslsshyum

I am so new to updating server technologies it is unbelievable but we are trying to become PCI Compliant and have to update some of our server technologies. One in particular is OpenSSL.

We are currently running arch i686 0.9.8e but we have to upgrade to ATLEAST 0.9.8g.

When I run a yum update command, there are no updates available. If I run "yum info openssl" it says available packages are: arch i386 0.9.8e but the only difference is smaller file size.

I am running the following repositories:

Loaded plugins: fastestmirror Loading
mirror speeds from cached hostfile *
addons: mirrors.netdna.com * atomic:
www6.atomicorp.com * base:
mirrors.igsobe.com * extras:
mirror.vcu.edu * updates:
mirror.vcu.edu

any help out there?

EDIT

I am running CentOS release 5.5 (Final)

When I try to manually compile using the following code:

  • cd /usr/local/src
  • rm -fR openssl-0.9.*
  • wget -N
    http://www.openssl.org/source/openssl-0.9.8g.tar.gz
  • gzip -d -c openssl-0.9.8n.tar.gz |
    gtar xvf –
  • cd openssl-0.9.8g
  • ./config
  • make
  • make install
  • alias cp=cp
  • cp -f /usr/local/ssl/bin/openssl
    /usr/bin/openssl
  • cd /usr/local/include
  • mv openssl openssl.old
  • ln -s /usr/local/ssl/include/openssl
    openssl

I get the following error:

gtar: This does not look like a tar archive
gtar: Error exit delays from previous
errors

Best Answer

As a worst-case scenario, you could always just compile your own version of openssl as an RPM for your system, and then rpm -ihv.

EDIT: Starting with the source file (.tar.gz), here's what you want to do:

1) Create a new directory to house the RPM hierarchy.

# mkdir -p myopenssl/BUILD myopenssl/RPMS myopenssl/SOURCES myopenssl/SPECS myopenssl/SRPMS

2) Go into the SOURCES directory, and download your source openssl.tar.gz 

# cd myopenssl/SOURCES
# mv openssl.tar.gz myopenssl/SOURCES/

3) Create a spec file that provides the necessary metadata (you will need to verify all the values are correct)

--- spec ----
%define _topdir     /home/user/myopenssl
%define name            openssl
%define release     0
%define version     x.x
%define buildroot %{_topdir}/%{name}-%{version}-root

BuildRoot:  %{buildroot}
Summary:        openssl
License:        GPL
Name:           %{name}
Version:        %{version}
Release:        %{release}
Source:         %{name}-%{version}.tar.gz
Prefix:         /usr
Group:          Development/Tools

%description
Special build of openssl for centos.

%prep
%setup -q

%build
./configure
make

%install
make install prefix=$RPM_BUILD_ROOT/usr

%files
%defattr(-,root,root)
/usr/local/bin/openssl

%doc %attr(0444,root,root) /usr/local/share/man/man1/openssl.1

4) After you have a spec file, use the rpmbuild command to build your RPM

# rpmbuild -v -bb --clean myopenssl/SPECS/openssl.spec

5) Your RPM is built at this point... use the following command to look at the contents:

# rpm -Vp RPMS/i386/myopenssl.i386.rpm

6) To install it, run the following as root:

# rpm -ihv myopenssl.i386.rpm

Hope this helps!

Related Topic