OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 23.1 Legacy Series »
  • How to remove pkg opsenssh-portable-9.3.p1
« previous next »
  • Print
Pages: [1]

Author Topic: How to remove pkg opsenssh-portable-9.3.p1  (Read 1078 times)

buddystad

  • Newbie
  • *
  • Posts: 11
  • Karma: 0
    • View Profile
How to remove pkg opsenssh-portable-9.3.p1
« on: July 28, 2023, 04:12:49 pm »
Hello,

I sent this question to a guru. He is probably on vacation I guess. So I am posting it here

I recently installed OPNsense 23.1.11, and the security auditing showed one vulnerability related the default openssh-portable-9.3.p1. So I downloaded the openssh-9.3.p2, trying to avoid the vulnerability. The new openssh is working.

Now the auditing still shows the vulnerable 9.3.p1.  So I tried to remove the old 9.3.p1, it always tells me it would remove the opnsense kernel 23.1.11 as well.

So, is there a way to just remove the openssh-9.3.p1 without touching the opnsense 23.1.11? or is it safe to keep the old p2?

Appreciate it

Buddy S.
Logged

newsense

  • Hero Member
  • *****
  • Posts: 1027
  • Karma: 77
    • View Profile
Re: How to remove pkg opsenssh-portable-9.3.p1
« Reply #1 on: July 30, 2023, 01:40:46 am »
No need to fret, 23.7 will be out on Monday July 31st and has all the latest patches. There's no manual intervention needed.

As a side note, if running on older/slower HW with no visibility into the boot up process please remember that an APU can take 15+ minutes from the moment it finished all downloads and starts rebooting until is back up online. No other action would be required other than patience.
Logged

buddystad

  • Newbie
  • *
  • Posts: 11
  • Karma: 0
    • View Profile
Re: How to remove pkg opsenssh-portable-9.3.p1
« Reply #2 on: July 30, 2023, 03:00:33 am »
Thank you new sense for the kind reply.

I may use the 23.7, even though I am not sure it's a good idea to load this 23.7 right away.

Anyhow, I am still curious about how to remove the openssjh-9.3.p1, not touching the opnsense kernel for sure.

Moreover, can we upgrade to 23.7 directly from 23.1.11? Cause we know 23.7 is on FreeBSD 13.2,  23.1.11 on 13.1. 

I assume my current HW running 23.1.11 would be fine with the 23.7. Please correct me if not.

Thanks a lot
Logged

newsense

  • Hero Member
  • *****
  • Posts: 1027
  • Karma: 77
    • View Profile
Re: How to remove pkg opsenssh-portable-9.3.p1
« Reply #3 on: July 30, 2023, 04:12:37 am »
I've been running the 13.2 kernel/base pkgs since early June on multiple FWs, the 23..r1-3 releases were rather uneventful and I've already upgraded everything to 23.7.

I don't exclude the random IPv6 or PPPoE issue here and there to creep up, and those using Zenarmor will have to wait most likely for the green light as usual, however I see no reason to wait going to 23.7 as soon as the enablement packages is published.

HW wise you'll be fine, I'd recommend installing  the os-hw-probe plugin which will be useful for the FreeBSD devs in knowing what hardware is running FreeBSD and what may need attention
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 23.1 Legacy Series »
  • How to remove pkg opsenssh-portable-9.3.p1
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2