Hi Iain, Yup that did it. I recompiled OpenSSL with: ./config -fPIC --prefix=..... And the OpenSSH 6.5 worked. This was not required in previous versions of OpenSSH. Thanks for your reply. Mike -----Original Message----- From: Iain Morgan [mailto:imorgan@xxxxxxxxxxxx] Sent: Monday, February 03, 2014 1:48 PM To: Ethier, Michael Cc: openssh-unix-dev@xxxxxxxxxxx Subject: Re: Compiling openssh v6.5 with --with-ssl-dir not working On Mon, Feb 03, 2014 at 14:46:20 +0000, Ethier, Michael wrote: > Hello, > > I am trying to compile openssh v6.5p1 with openssl-1.0.1f and it > doesn't seem to find my custom openssl libraries and defaults to the > system version. This has been working on all previous openssh version until v6.5. Is this a bug ? More details below: > > [root@test openssh-6.5p1]# ./configure > --prefix=/usr/local/openssh-6.5p1 --with-tcp-wrappers --with-selinux > --with-kerberos5 --with-ssl-engine --with-pam --with-md5-passwords > --with-ssl-dir=/usr/local/openssl-1.0.1f > ... > ... > checking whether getpgrp requires zero arguments... yes checking > openssl/opensslv.h usability... yes checking openssl/opensslv.h > presence... yes checking for openssl/opensslv.h... yes checking > OpenSSL header version... 90802f (OpenSSL 0.9.8e-rhel5 01 Jul 2008) > checking OpenSSL library version... 90802f (OpenSSL 0.9.8e-fips-rhel5 > 01 Jul 2008) checking whether OpenSSL's headers match the library... > yes checking if programs using OpenSSL functions will link... yes > > > So the version of SSL is not the proper one. I have installed openssl-1.0.1f in /usr/local: > [root@iliadaccess04 src]# ls -l /usr/local/openssl-1.0.1f total 16 > drwxr-xr-x 2 root root 4096 Jan 15 08:35 bin drwxr-xr-x 3 root root > 4096 Jan 15 08:35 include drwxr-xr-x 4 root root 4096 Jan 15 08:35 lib > drwxr-xr-x 6 root root 4096 Jan 15 08:35 openssl > > Any ideas ? > > Thanks, > Mike > I suspect that you are running into a similar issue to what I encountered during the early testing of the additional build-hardening options. If you check config.log, you will most likely find that linking against your copy of libcrypto failed and that the build system fell back to the system-provided library. Try rebuilding OpenSSL, but add -fPIC when you run ./config. At least, that worked for me. -- Iain Morgan _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev