TurnKey Linux Virtual Appliance Library

How to update openssh server

gheter's picture


I'm new to linux and have been trying to update openssh server but it says it already has the newest version. I'm using the LAMP appliance Is it possible to update this on my server?

Thanks, Gabe

gabe's picture


I'm acctually using the Wordpress appliance. Openssh_4.7

Jeremy Davis's picture

Do you need a newer version? Why?

I'm assuming you are using the older (but stable) TKL 2009.10-2 appliance version? That version is based on Ubuntu Hardy/8.04 which has OpenSSH v4.7 in its repos. So if the package manager is saying that it is the newest version available then I'd suspect that it is already at the newest version available for that OS version (assuming that you ran apt-get update first). Meaning you can update to a later version but you will have to do it manually.

Unless you have a specific need I'd just leave it alone. FYI Linux handles updates a lot differently to Windows and rather than install a newer version, generally security patches are backported and applied to the version of the app that was supplied when the OS was released. So if you were worried about security, don't be!

If you do have a spefic need for a later version of OpenSSH then the preferable thing to do, would be to go for the newer appliance range (TKL v11.0RC). The newer appliances are based on Ubuntu Lucid/10.04 and include OpenSSH v5.3.

gabe's picture

Chroot jail

You are correct, I'm using 8.04. I was wanting to use chroot jail for SFTP. Is there a way to update ssh manually? I'd rather stick with the current server I have. I need to clone the existing server and move a site and database from the old server to the new server but with the new openssh installed. I tried rebuilding the the server on Ubuntu 10 but ran into problems with the new apache server not being configured the same way as the Wordpress appliance and so I could not just transfer the site and DB over. I guess this is all just due to being a total n00b...

Thanks, Gabe

Jeremy Davis's picture

Why not upgrade/migrate to TKL v11.0RC WordPress w/ TKLBAM?

Afterall, that's pretty much what its for! Personally I'd double check that it works as expected by migrating to a v11.0RC WordPress VM first, but assuming that works, then you'll be right. Before you start doing anything though, have a good read through the TKLBAM wiki entires and probably the TKLBAM announcement blog post and responses too. That should give you a bit of a feel for it.

Out of interest, you may find this thread relevant and interesting reading. There is a package called scponly which may help you acheive what you want if you would rather stick with v2009.10-2 (probably easier, more secure and less prone to issues than manually installing your own version of OpenSSH).

gabe's picture

I'll give that a try

Yes, sounds like this should solve the issue I'm having. :) Funny that the release has coinsided with my troubles. Thanks for making me aware of it.


Jeremy Davis's picture

No worries, good luck with it.

Let us know how you go.

gabe's picture


Well. I got the site moved over to v11.0RC WordPress. With the new version of openssh I was able to chroot jail sftp users but not quite like I hoped, conifuration was a bit of trouble. Ended up using vsftpd, which has worked like a charm. Thanks, for all the help.


Jeremy Davis's picture

Thanks for posting back to let us know how you went.

Glad I was able to be of assistance to you :)

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)