suSSHi OpenSSH Client Patches
Overview
Applying the Patch
Download the portable OpenSSH version from www.openssh.com and untar the archive:
$ cd ~/Downloads $ tar xzvf openssh-9.8p1.tar.gz
Download the correct patch and place it in the same download folder.
Apply the patch:
$ cd openssh-9.8p1 $ patch < ../openssh-9.8p1-susshi.patch
Build OpenSSH with your preferred options:
$ ./configure --sysconfdir=/etc/ssh --prefix=/usr/local --with-pam $ make
The following files are affected by the patch and thus may replace the system installed ones:
scp
scp.1
sftp
sftp.1
ssh
ssh.1
ssh_config.5
If you prefer, you may also install the whole freshly compiled OpenSSH suite instead of the system provided:
$ sudo make install
Tip
On macOS you may have to install the brew package “openssl” upfront and append the option
--with-ssl-dir=/usr/local/opt/opensslwhen configuring OpenSSH:$ brew install openssl $ CFLAGS="-fzero-call-used-regs=all -ftrivial-auto-var-init=zero" \ ./configure --sysconfdir=/etc/ssh --prefix=/usr/local --with-pam --with-ssl-dir=/opt/homebrew/opt/openssl $ make $ sudo make install