Solved security/openssh-portable: Port marked as IGNORE?

I would like to change my sshd to a new version quickly. When I use the base OS sshd, I have to recompile world, and that is taking much more time than a portupgrade -a. And I do not like openssl much and prefer libressl instead.

In the past, this worked fine.

But today, as long as I cannot rollback my ports tree, I am afraid that I have to go back to the base OS version.
 
Yes, ports tree is updated, but I still get:

Code: 
openssh-portable-7.6.p1_3,1 is marked as broken: Not yet updated for
7.6+ and disabled in base.

And yesterday I have learned that building world with base system's openssh does not fill /etc/ssh with configuration files.
 
olafz said:
Code: 
openssh-portable-7.6.p1_3,1 is marked as broken: Not yet updated for 7.6+ and disabled in base.
Click to expand...
Code: 
.if ${PORT_OPTIONS:MHPN} || ${PORT_OPTIONS:MNONECIPHER}
BROKEN=                 Not yet updated for 7.6+ and disabled in base
Turn off HPN and NONECIPHER.

And yesterday I have learned that building world with base system's openssh does not fill /etc/ssh with configuration files.
Click to expand...
That's done with mergemaster(8).
 
The port isnt outright broken, as I can attest to that given its installed on several production systems.

Its the first I have heard of an entire port been disabled because it doesnt work with a few "optional" configurations, yes openssl-devel and libressl are both optional.

Perhaps functions such as HPN should be enabled in base ssh before we all get told to use it.

Also unless 7.5 has a security issue, its perhaps better to keep the port on 7.5 fully functional than to have it on 7.6 in its current state, especially if HPN doesnt work with 7.6.

--edit--

So i see now its only blocked if HPN is enabled, the broken message is misleading, as it ommits the word HPN from its message :)
 
You must log in or register to reply here.
Back
Top