Skip to Main Content
Forums

Infrastructure Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Multiple openssh packages on server ?

User12674443-OracleNov 22 2019 — edited Nov 22 2019

Hi there

I was comparing the related ssh packages installed on these two systems (server1 and server2)

According to the rpm command output they have the same ssh packages. Then I executed the yum whatprovides /usr/bin/ssh to find out what package was the source of that binary (please the output below)

[root@server2~]# rpm -qa |grep ssh

libssh2-1.4.2-2.el6_7.1.x86_64

openssh-server-5.3p1-124.el6_10.x86_64

openssh-clients-5.3p1-124.el6_10.x86_64

openssh-5.3p1-124.el6_10.x86_64

[swang@server1/]$ rpm -qa |grep ssh

openssh-clients-5.3p1-124.el6_10.x86_64

libssh2-1.4.2-2.el6_7.1.x86_64

openssh-server-5.3p1-124.el6_10.x86_64

openssh-5.3p1-124.el6_10.x86_64

[swang@sgdxwa02db01 /]$

=======================================================

The outputs are different, server1's indicate the  binary comes from the package openssh-clients-5.3p1-124.el6_10.x86_64; however, server2's shows multiples entries pointing to multiple ssh package versions.

Does this mean that those versions are still installed on server2 even though the rpm -qa is not displaying them?

This is in some way affecting the security score of server2 that points to ssh vulnerabilities

I would appreciate any comments

[root@server1~]#  yum whatprovides /usr/bin/ssh

openssh-clients-5.3p1-124.el6_10.x86_64 : An open source SSH client applications

Repo        : installed

Matched from:

Other       : Provides-match: /usr/bin/ssh

[root@server2~]# yum whatprovides /usr/bin/ssh

el5_latest | 3.0 kB     00:00

el5_latest/primary_db |  39 MB     00:00

openssh-clients-4.3p2-72.el5.x86_64 : The OpenSSH client applications

Repo        : el5_latest

Matched from:

Filename    : /usr/bin/ssh

openssh-clients-4.3p2-82.el5.x86_64 : The OpenSSH client applications

Repo        : el5_latest

Matched from:

Filename    : /usr/bin/ssh

openssh-clients-4.3p2-82.0.1.el5.x86_64 : The OpenSSH client applications

Repo        : el5_latest

Matched from:

Filename    : /usr/bin/ssh

openssh-clients-4.3p2-72.el5_7.5.x86_64 : The OpenSSH client applications

Repo        : el5_latest

Matched from:

Filename    : /usr/bin/ssh

openssh-clients-4.3p2-72.el5_6.3.x86_64 : The OpenSSH client applications

Repo        : el5_latest

Matched from:

Filename    : /usr/bin/ssh

openssh-clients-4.3p2-82.0.2.el5.x86_64 : The OpenSSH client applications

Repo        : el5_latest

Matched from:

Filename    : /usr/bin/ssh

openssh-clients-5.3p1-124.el6_10.x86_64 : An open source SSH client applications

Repo        : installed

Matched from:

Other       : Provides-match: /usr/bin/ssh
Comments
Post Details
Added on Nov 22 2019
#linux, #oracle-linux
2 comments
480 views