From: pat
Subject: cvsup did not update ssh
Date: Sun, 7 Apr 2002 22:09:34 -0400


After days of research, installing, compiling, make this and make that to
update my system to the most resent bug fixed patched Release of fbsd 4.5 as
of April 5th 2002,..... I think I failed. Even thought everything completed
ok all the way to conf and installing a new kernel I do not believe I
updated my system correctly. I think this for 1 reasons:

1)"OpenSSH_2.9 FreeBSD localisations 20020307, SSH protocols 1.5/2.0,
OpenSSL 0x0090601f"  this is the response I got from "ssh -V" after I
completed everything. I thought that I would get a response of a newer
version of openssh. Some thing like OpenSSH_3.1 or something higher than
2.9. The only difference I have and I an not sure it is a difference is a
responce I captured from another system that is simular to this one but
inwhich I have not done anything to. "OpenSSH_2.9 FreeBSD localisations
20011202, SSH protocols 1.5/2.0, OpenSSL 0x0090601f" the only difference I
see are the numbers after "localisations" . I do not know if this means
anything or not.

I think I may have done something right  however because of the response I
got from "dmesg |more" and cross referencing it with another machine:

This from the machine I did nothing to (3rd line down from the top)
"FreeBSD 4.5-RELEASE #0:"
This from the machine I updated on april 5th/2002 (3rd line down from the
top)  "FreeBSD 4.5-RELEASE-p2 #0:"

For these two reasons I am not too sure of what I have really done. I am at
my witts end. So here I am at the newsgroups making a GURU DEMON/GOD call
for devine (or demonic since this is bsd) intervention and help (remembering
those days of D&D :-o). ......Well here goes the dice.

If I am going to get some help I guess I will need to explain as best as I
can what I want to do, what I have done, and what is wrong. Since I am a
newbie I hope I do not include too much or too little info, but just
right... a Goldylocks amount.

Whats wrong? In short I do not know if I have updated my system correctly.

What I am trying to create is a production grade fw/nat box that is
up-to-date with all the bug fixes and security patches. I would also like
for this box to be updated on a regular basis as needed when new bug fixes
and patches become availible.

To that end I have choosen freebsd 4.5 RELEASE. I choose the release becauce
all I have read advised that RELEASE is the most dependable as opossed to
STABLE or CURRENT .  I will be using ipf and ipnat for the firewall part and
cvsup to update the system with.

I have a spare box lying around that I  use:

pentium 2  Xeon/Celeron 450 MHz 686 class CPU (this was taken from dmesg)
128 meg of ram
1.5 gig HD ide
2 pci nic's (realtec 8029/8039--respectively)
cdrom and floppy
video card (do not know, I am not installing X)

I hope this will give you some idea of the equiptment I am using, although I
am not sure of the MB itself.

I wanted to install from cd since I only have a 128 k connection and past
experience in learning has taught me that I will be reinstalling many time
before I get it right. I have taught myself well in that regard. So off to  I went to got me a copy of freebsd 4.5 (4 cd set) for
about $13.00 + shipping in Jan/2002. I do like this site, sorry for the

I poped in the cd and booted the box. At the first screen I went in and
deleted things that where not a part of my system like scsi, isa network
cards and pccards. Then continued on to the install screen. I choose the
mininual distribution set. I confurured the disk as follows, trail and error
lead me to this config:

Filesystem    Size
/dev/ad0s1a   126M       /
/dev/ad0s1f   100M      /tmp
/dev/ad0s1g   1.1G      /usr
/dev/ad0s1e   50M     /var

I commited and choose the cd to install. Afterwards I set one of the nic's
to dhcp and configured root pw.  I them went back in when asked and
installed the ALL of the src packages.  I completed the install rebooted and
checked pw and connectivity. Next I " /stand/sysinstall " went to post
config--->packages and grabed the "cvsup-without-gui-16-1f" from the freebsd
ftp site as well as pico (homie do'nt like vi).

I decided at this point to config cvsup, run it, and compile a new kernel
and bring the system up-to-day before I go further into the process. The
kernel would be config for 686 and called TEST and nothing else. I would at
a later time recompile again the kernel for fw support. I guess I could
choose another path but that's what I did. There were numous documents I
found on the web that helped guide me and at times left me in the dark. If I
was not such a newbie maybe this would not have been the case. I would like
to offer these as a guide for other fellow newbies on this path with some it slowly and completely.

The best overall

freebsd site
as well as
as well as

cvsup site

sequence different from the rest

Well on with the config for cvsup. I choose to use and config file
"stable-supfile" . As best as I could figure out this is the file to use for
what I wish to do. I cp'ed  the file  to the /etc and pointed the file to this is the closest server to me. Then I  edited  the
tag  "tag=RELENG_4"  to "tag=RELENG_4_5" Again as far as I can tell this
will update my tree to the most recent 4.5 RELEASE bug and security fixes. I
them ran "cvsup /etc/stable-supfile" and off the I went.
I recieved about a half screen of EDIT 's as well as a hand full of
CHECKOUTS and a few Attibs. The whole thing lasted about 10-15 mins on my
128k connection.

Next I checked /usr/obj to make sure it is empty them cd into /usr/src and
ran "make buildworld". It started fine but I would state that it took a
looong time to compleate about 1-2 hrs. It was also a point where I had to
scratch what I was doing and reinstall many different times because I keep
of running out of space in the /usr. It should be noted for us newbies that
this will use up a large amount of space. I had to reinstall several time to
pass this function. To explain, after I had completed the orginal install
with all the sources I had used up 460megs in the /usr slice. After
completing the "make buildworld" I had used up about 790megs and by the time
I had  finished making a kernel and completed the process I had 119meg left
out of 1.1gigs. The process I followed uses a lot of space, about 400 and
some odd megs. Well let me move on from that painfull period.

After "make buildworld" completed  I reboot into single user node "boot -s /
" them execpt the default shell then   "fsck -p" then "mount -u / "  then
"mount -a"  then "cd  /usr/src " and then  I ran  "make installworld" .

When I completed that I copyed GENERIC to TEST and config it. Then I  "cd
/usr/src" and built the kernel the "new" way by " make buildkernel
KERNCONF=TEST" when that completed I ran "make installkernel KERNCONF=TEST".
Everything worked fine I rebooted and logged back in. As far as I can tell I
was done.

I checked ssh -V and discovered that it was 2.9. What did I do wrong and is
my system up dated or not? There is a paragragh from the cvsup folk FAQ page
about the first time you use cvsup to update a system installed from a cd
that the tag you should use is "tag=RELENG_4"  ,which as far as I can guess
will baseline your tree, them run cvsup again with the tag changed to
"tag=RELENG_4_5" (in my particular case) to bring it up to date them run
"make buildworld". Is that true or did I miss understand because no other
reference sources refered to this at all.

Well that my story and I am sticking by it!


