Warning: technical content ahoy!
Here's a handy shell hack I use to update openssh/openssl on various machine under my care. Further hacks could be made to determine the latest version numbers of the ssl/ssh to fetch. Become one with the primative shell hacking vestiges in your modern Perl brain, oh Perlescent Brethren!
#!/bin/sh
build=/tmp
dest=/opt
lynx=/usr/bin/lynx
wget=/usr/bin/wget
ssl_url="http://www.openssl.org/source/openssl-0.9.7g.tar.gz"
ssh_url="ftp://ftp.tux.org/bsd/openbsd/OpenSSH/portable/openssh-4.0p1.tar.gz"
ssl_version=`basename $ssl_url ".tar.gz"`
ssh_version=`basename $ssh_url ".tar.gz"`
ssl_dir="$build/$ssl_version"
ssh_dir="$build/$ssh_version"
cd $build;
echo "Finding $ssl_version and $ssh_version...";
if [ -e $wget ];
then
for url in $ssl_url $ssh_url;
do
file=`basename $url`
if [ -e $file ] ;
then
echo "Using existing $file";
else
echo `$wget $url`
fi
done;
else
if [ -e $lynx ];
then
for url in $ssl_url $ssh_url;
do
file=`basename $url`
if [ -e $file ] ;
then
echo "Using existing $file";
else
echo `$lynx -source $url > $file`
fi
done;
else
echo "Oops. No URL fetchers!";
exit 1;
fi
fi
# unpacking
echo "Unpacking archives";
tar xzvf `basename $ssl_url`;
tar xzvf `basename $ssh_url`;
echo "Cleaning";
cd $ssl_dir && make clean;
cd $ssh_dir && make clean;
echo "Building SSL";
# build ssl first; sshd depends on it
cd $ssl_dir && ./config --prefix=$dest && make install
echo "Building SSH";
cd $ssh_dir && ./configure --prefix=$dest --with-ssl=$dest \
--with-sysconfig=/usr/local/etc && make install
# adjust ?
if [ -e "/etc/rc.d/init.d/sshd" ];
then
echo "You may need to adjust your sshd"
fi