## Notes for upgrading SSH from v3.1 ==> v3.4      (sean, 26.6.02)
---------------------------------------------

Download new package to /opt/install, make sure you also 
have a copy of the old package here too, incase you need 
to undo this procedure.
Make sure random device exists:
ls -l /dev/random


# Kill all ssh connections and prngd, except your active one. 
# Look at the date/time of processes for this:
ps -ef | grep ssh

# Move ssh config files:
mv /etc/ssh /var/tmp

# Remove previous package:
pkgrm OBSDssh


# Install new package:
pkgadd -d OBSDssh-3.4p1-sparc-sun4u-5.8.pkg

# Create new user for "Privilege separation"
groupadd sshd; useradd -g sshd sshd

# Save the new v3.4 config, and move back the old config
# and keys.
mv    /etc/ssh/ssh_config /etc/ssh/ssh_config.v34
mv    /etc/ssh/sshd_config /etc/ssh/sshd_config.v34
cp -p /var/tmp/ssh/ssh_* /var/tmp/ssh/sshd_* /etc/ssh

# Compare the new and existing SSH configs.
# make sure the following appear in /etc/ssh/sshd_config:
	## Run a maximum of SSH as user "sshd"
	## Reduce priviliges for most openssh features.
	UsePrivilegeSeparation yes


Start SSH:
 /etc/init.d/openssh.server start

Then test, test, test!

Much later: Wipe files backed up in /var/tmp:
 rm -rf /var/tmp/ssh