1

I am installing a newer version of openssh on to an ubuntu server (raring 13.04)

I have set export LDFLAGS="-I/usr/lib-I/usr/local/lib"

And when running my ./configure statement which is 

./configure --prefix=/usr --exec_prefix=/usr --libexecdir=/usr/lib/openssh
--sysconfdir=/etc/ssh --datadir=/usr/share/sshd --with-md5-passwords 
--with-privsep-path=/var/lib/sshd

The output ends:

.....
checking OpenSSL header version... 1000105f (OpenSSL 1.0.1e 11 Feb 2013)
checking OpenSSL library version... 1000103f (OpenSSL 1.0.1c 10 May 2012)
checking whether OpenSSL's headers match the library... no
configure: error: Your OpenSSL headers do not match your
library. Check config.log for details.

I tried a tip suggesting changing LDFLAGS to

export LDFLAGS="-L/usr/lib/libssl.so -/usr/lib/libcrypto.so"

to force use of one library

But then when I run the ./configure command I get

.........
checking for gcc... gcc
checking whether the C compiler works... no
configure: error: in `/usr/local/sas/openssh-6.2p2':
configure: error: C compiler cannot create executables
See `config.log' for more details

Dose any one have any further thoughts?

sheepez
  • 986
  • 1
  • 10
  • 26
user2744200
  • 11
  • 1
  • 2
  • `-I` should go in `CFLAGS`, not in `LDFLAGS`, the linker does not use `include` statements so when it gets to linking it's too late to change include path. `export LDFLAGS="-L/usr/lib/libssl.so -/usr/lib/libcrypto.so"` is also a bit messed up, it should probably be plain; `export LDFLAGS="-L/usr/lib"` since `-L` just takes a path for the compiler to look for libraries, not an absolute path to an actual library. – Joachim Isaksson Sep 08 '13 at 21:40
  • Cheers- I have tried several variations of LDFLAGS statements including just "-L/usr/lib" the one you note was from another person with the same issue on another site it worked for them - but not for me – user2744200 Sep 08 '13 at 23:19
  • Cheers- I have tried several variations of LDFLAGS statements including just "-L/usr/lib" the one you note was from another person with the same issue on another site it worked for them - but not for me Regarding CFLAGS I thought it was CPPLFAGS so I have tried various CPPFLAGS= statments alone and with LDFLAGS Including CPPFLAGS="-I/usr/include" and CPPFLAGS="-I/usr/include -I/usr/local/include" I have tried the following which I think is your suggestion CFLAGS="-I/usr/include" and when that did not work CFLAGS="-I/usr/include -I/usr/local/include" Any thoughts – user2744200 Sep 08 '13 at 23:27

1 Answers1

1

The solution is pretty easy. A lot of people face this problem, so i thought of sharing how i solved it hoping it helps someone out there especially with the issue with the "heart bleed bug". If you have this trying to compile openssl for example:

checking OpenSSL header version... 1000107f (OpenSSL 1.0.1g 7 Apr 2014)
checking OpenSSL library version... 9080ef (OpenSSL 0.9.8y 5 Feb 2013)
checking whether OpenSSL's headers match the library... no
configure: error: Your OpenSSL headers do not match your
library.

Solution:

  1. Locate the openssl tarball and rebuild it as shown below.

    tar xvfz /usr/src/openssl-1.0.1g.tar.gz   (IF YOU DID THIS BEFORE GO TO NEXT STEP)
cd /usr/src/openssl-1.0.1g/  
./config –prefix=/usr/local –openssldir=/usr/local/openssl shared
make clean
make
make test
make install
openssl version
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
ldconfig –v

  2. Recompile openssh

    tar xvfz /usr/src/openssh-6.6p1.tar.gz   (IF YOU DID THIS BEFORE GO TO NEXT STEP)
cd /usr/src/openssh-6.6p1/
./configure
make
make install

  3. Verify installation and restart the sshd daemon

    ssh –V

OpenSSH_6.6p1, OpenSSL 1.0.1g 7 Apr 2014 (this should be your display)

/etc/rc.d/rc.sshd restart

you may have to log out of your ssh session and log back in, then do ssh -V again.

Aleksei Zyrianov
  • 2,294
  • 1
  • 24
  • 32
user3356504
  • 11
  • 2