openssh installation error "configure: error: Your OpenSSL"

K

kumarbka

Hi,

I have a FreeBSD 9.1-RC3, amd64 box.

I have installed OpenSSL 1.0.1g successfully. but when I am upgrading OpenSSH I am getting the below error message while running ./configure. Kindly help me on this and let me know if you have any questions.

Code: 
checking OpenSSL header version... 1000107f (OpenSSL 1.0.1g 7 Apr 2014)
checking OpenSSL library version... 1000103f (OpenSSL 1.0.1c 10 May 2012)
checking whether OpenSSL's headers match the library... no
configure: error: Your OpenSSL headers do not match your
library. Check config.log for details.
If you are sure your installation is consistent, you can disable the check
by running "./configure --without-openssl-header-check".
Also see contrib/findssl.sh for help identifying header/library mismatches.


Thanks in advance.
 
Re: openssh installation error "configure: error: Your OpenS

kumarbka said:
I have a FreeBSD 9.1-RC3, amd64 box.
Click to expand...
Please upgrade it to the full 9.1-RELEASE. It was released in December 2012 so there's absolutely no reason why you'd still have a release candidate.

I have installed OpenSSL 1.0.1g successfully. but when I am upgrading OpenSSH I am getting the below error message while running ./configure. Kindly help me on this and let me know if you have any questions.
Click to expand...
Use the port, security/openssl. And by updating the base OS the base OpenSSH will also be up to date.
 
Re: openssh installation error "configure: error: Your OpenS

Thanks for your reply @SirDice.

I am not able to upgrade/change the OS from RC to full release at presently since business restriction.

Kindly let me know, is there any possibilities to install openssh instead of using /usr/ports and to avoid the error (your OpenSSL headers do not match your library).

Thanks again.
 
Last edited by a moderator:
Re: openssh installation error "configure: error: Your OpenS

kumarbka said:
I am not able to upgrade/change the OS from RC to full release at presently since business restriction.
Click to expand...
Business requirements usually state that you need to use a supported version. The release candidates are not supported. There have been a number of security fixes since the 9.1-RELEASE. You're not getting any of those either. And that's really bad for business.

Kindly let me know, is there any possibilities to install openssh instead of using /usr/ports and two avoid the error (Your OpenSSL headers do not match your library).
Click to expand...
The only way to update sshd(8) is to update the base OS. Keep in mind that FreeBSD uses a modified version of OpenSSH.
 
Re: openssh installation error "configure: error: Your OpenS

Thanks @SirDice.

I have installed the freebsd " FreeBSD 8.0-RELEASE" and OpenSSL version openssl-1.0.1g successfully.

Code: 
freebsd# openssl version
OpenSSL 1.0.1g 7 Apr 2014
freebsd# ssh -V
OpenSSH_5.2p1 FreeBSD-20090522, OpenSSL 0.9.8k 25 Mar 2009
freebsd#

Still the SSH version uses the old SSL "OpenSSL 0.9.8k" as copied from the output above. hence I have tried to upgrade the OpenSSH (openssh-6.6p1). I am getting the below error message while running ./configure:

Code: 
checking whether getpgrp requires zero arguments... yes
checking OpenSSL header version... 1000107f (OpenSSL 1.0.1g 7 Apr 2014)
checking OpenSSL library version... 9080bf (OpenSSL 0.9.8k 25 Mar 2009)
checking whether OpenSSL's headers match the library... no
configure: error: Your OpenSSL headers do not match your
library. Check config.log for details.
If you are sure your installation is consistent, you can disable the check
by running "./configure --without-openssl-header-check".
Also see contrib/findssl.sh for help identifying header/library mismatches.
Kindly let me know how to fix this.

Thanks again.
 
Last edited by a moderator:
Re: openssh installation error "configure: error: Your OpenS

kumarbka said:
I have installed the freebsd " FreeBSD 8.0-RELEASE" and OpenSSL version openssl-1.0.1g successfully.
Click to expand...
This got me puzzled; why would you downgrade from 9.1 to 8.0, also considering that version 8.0 is pretty much obsolete right now?

That will only worsen your problems since you'll run across many software packages which might not even be able to build cleanly. You're bound to come across these problems when using the ports collection.

Which is basically my suggestion: why not use the ports collection in the first place? It uses the original software package as released by the programmer / author, it provides you with all the patch files up front so you can see exactly which changes are being applied to make the software work with FreeBSD but most of all you can be assured that the software will work in your FreeBSD environment.

Check this link for an overview of which FreeBSD versions are supported (and their EOL dates).

So quite frankly I think your best solution here is to upgrade to 9.1/RELEASE and then rely on the ports to provide you with security/openssl, basically what @SirDice already advised. If you still want to use a later version of OpenSSH then you might want to look into security/openssh-portable for that.
 
Last edited by a moderator:
You must log in or register to reply here.
Back
Top