upgrade openSSH 7.2p in ubuntu 14.04

Rigoberto Giraldo Carmona picture Rigoberto Giraldo Carmona · Apr 6, 2016 · Viewed 30.7k times · Source

I have a server running Ubuntu 14.04, but I have an issue with PCI requirements. I have installed in my server OpenSSH 6.6p1, then I upgraded it to OpenSSH 7.2p, compiling the code with make and make install directly from repositories from OpenSSH, but it seems something is broken because I continue getting the old version after I check dpkg -l openssh\*:

ii openssh-client 1:6.6p1-2ubunt amd64 secure shell (SSH) client, 
ii openssh-server 1:6.6p1-2ubunt amd64 secure shell (SSH) server,
ii openssh-sftp-serve 1:6.6p1-2ubunt amd64 secure shell (SSH) sftp server 

And PCI scanner continues reporting the same issue about that I have to install the latest version of OpenSSH.

This is the CVI Id of the issue: CVE-2016-3115

Answer

flanger001 picture flanger001 · Jan 9, 2017

I needed to install the newest OpenSSH as well but I wanted to install it via a package instead of compiling from source.

sudo apt-add-repository 'deb http://archive.ubuntu.com/ubuntu yakkety main universe multiverse'
sudo apt-get update
sudo apt-get install openssh-server=1:7.3p1-1

It worked for me. (Technically only main and universe were necessary here)

$ ssh -V
OpenSSH_7.3p1 Ubuntu-1, OpenSSL 1.0.2g  1 Mar 2016

Edit (2017-10-04): This answer has been receiving some attention lately and might be out of date now. Remember only main and universe were necessary from this, and I specifically wanted to install this as a package instead of compiling from source. Please be careful with typing random commands from the internet, no matter how well-meaning the stranger (in this case me) is!