## Notes for upgrading SSH from v3.1 ==> v3.3      (sean, 25.6.02)
---------------------------------------------

Download new package to /opt/install, make sure you also 
have a copy of the old package here too, incase you need 
to undo this procedure.


# Kill all ssh connections and prngd, except your active one. 
# Look at the date/time of processes for this:
ps -ef | grep ssh

# Move ssh config files:
mv /etc/ssh /var/tmp

# Remove previous package:
pkgrm OBSDssh


# Install new package:
pkgadd -d /opt/install/OBSDssh-3.3p1-sparc-sun4u-5.8.pkg

# Create new user for "Privilege separation"
groupadd sshd; useradd -g sshd sshd

# Save the new v3.3 config, and move back the old config
# and keys:
mv    /etc/ssh/ssh_config /etc/ssh/ssh_config.v33
mv    /etc/ssh/sshd_config /etc/ssh/sshd_config.v33
cp -p /var/tmp/ssh/ssh_* /var/tmp/ssh/sshd_* /etc/ssh

# make sure the following appear in /etc/ssh/sshd_config:
	## Run a maximum of SSH as user "sshd"
	## Reduce priviliges for most openssh features.
	UsePrivilegeSeparation yes


Start SSH:
 /etc/init.d/openssh.server start

Then test, test, test!

Much later: Wipe files backed up in /var/tmp:
 rm -rf /var/tmp/ssh