Wednesday Tidbit: Make sure you’re running the correct SSH daemon on NetBSD

20150711 - NetBSD logoAfter my post a few months back on compiling a new version of OpenSSL on NetBSD, it occurred to me I don’t always configure the SSH daemon correctly on my test lab boxes. Even though I always install the latest version, I sometimes forget to ensure this is the version that starts on boot.

Even though sshd doesn’t have a switch for displaying the version, using the following will show you which is installed:

sshd -v

20151216 - 1Despite upgrading to version 7.1, sshd is reporting as version 5.0. This is because the version that comes part of the core packages is being found first. Rather than delete those binaries (bad) or mess around with the path (worse), create /etc/rc.conf.d/sshd and add the following:

command=/usr/pkg/sbin/sshd
sshd_flags="-f /etc/ssh/sshd_config"
sshd=YES

Restart sshd using:

/etc/rc.d/sshd restart

From a remote machine verify you are connecting to the correct version:

ssh -v yourhost

In the following instance you can see that the client version of SSH is 6.2 (Mac OS X 10.10) and the host’s sshd is version 7.1:
20151216 - 2

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s