1

I need to pentest the vulnerability of the "SSH Server v5.3" The problem is that Ubuntu comes with the SSH Server version 7 and I don’t know how to remove the current one.

Probably: apt remove ssh-server —purge

But how can I apt install ssh-server 5.3?

Is there anyway searching in old apt repo for 5.3 version?

Thanks!

David Foerster
  • 36,264
  • 56
  • 94
  • 147
catalin
  • 141
  • Download the tar ball from https://www.openssh.com/portable.html, then refer to the linked question. – David Foerster Sep 30 '17 at 00:16
  • 1
    I don't think questions about installing specific software that has to be compiled from source should be closed against that question, since it's often quite nontrivial to adapt the generic procedure (@DavidFoerster). I think these questions are answerable and should be answered – Zanna Oct 01 '17 at 19:33
  • @Zanna: Agreed, but let's assume that it is trivial until OP finds out that it's not, at which point they hopefully [edit] their question and we can reopen (and answer) it. – David Foerster Oct 02 '17 at 06:51
  • Even your recommendation with an explanation of why portable OpenSSH is suitable for this purpose would be a good answer @DavidFoerster imho – Zanna Oct 02 '17 at 07:54

1 Answers1

1

You can build and install a “portable” version of OpenSSH from source:

  1. Download the tar ball for the desired version from one of the mirrors sites listed on https://openssh.com/portable.html.

  2. OpenSSH installation follows the common procedure lined out in “How do I install a .tar.gz (or .tar.bz2) file?”:

    tar -xf [TARBALL]
cd [EXTRACTED-PATH]
./configure [options...]
make
make install  # Use 'sudo' if you want to install for all users.

    In this particular case you may want to set an installation prefix to avoid the replacement or shadowing of the regular OpenSSH installation:

    ./configure --prefix=[PREFIX]

    Suitable PREFIX paths might be somthing like ~/openssh-5.3 or /opt/openssh-5.3.

  3. If you run into issue refer to the included installation instructions, typically in a files called INSTALL or BUILDING. You can also find it at http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/INSTALL.

    • The most likely issue are missing library dependencies.

  4. If you can't solve the issue using the resources mentioned above you're welcome to edit your question and leave a comment below this answer to draw my attention to your changes.

David Foerster
  • 36,264
  • 56
  • 94
  • 147