We recently failed a security audit due to our openssh version being below 5.0. I want to upgrade this on our SGS 1600 security appliance, but I don't see a way to do this via the GUI. Application liveupdate doesn't yield any results. If anyone has any advice on the best/safest/easiest way to do this, I would appreciate it. I'm an application developer in a small company, so this isn't my forte, and I haven't worked in the Linux environment since my education many years ago.
My current strategy from researching this is to ftp in the latest source (I'm not even sure if there is a specific directory I should import to). Then unzip it. For ./configure, it seems on our firewall the files are not in the /usr/local directories, they are in the more root /usr/bin and /usr/sbin directories, so I am planning to set the configuration to install there. Since I will be coming in remotely via putty, I expect the sshd daemon to be running and my session. I plan to kill the daemon, then make and make install. Restart the daemon, enter in via another session to make sure it is working, then exit my old version session.
Currently I'm hoping all configuration options won't be overwritten in this process and that the daemon will restart automatically with the gateway. I believe I check this by making sure there is a link in the etc/init.d directory.
that's all I have so far. I've done a version check and all it returns is linux and a version number. I don't know if it is redhat, fedora or something else. If anyone has advice, I would appreciate it greatly.
Also, the GUI seems to only allow for backing up the configuration information. If the GUI has an option to back the whole thing up or if there is a safe way to do it from the linux prompt please advise.
Thanks again. Jim