OpenSSH - Pretty Old Version?


So… Rockstor comes with OpenSSH version: 6.6.1p1 right now. This is pretty old, and as I understand it… doesn’t come with some of the newer and more secure functionality of the later OpenSSH versions.

1). Is this something that could be a security issue?
2). Is there a way we can upgrade to a newer version? I’d like to use some of the new key exchange stuff/cipher.
3). If there is a reason why it’s OK to have 6.6.1p1, can you explain why/how it’s safe?

I’m new to this and just want to understand.

@rocksthor Hello again.
Rockstor is based on CentOS 7.3 (after all updates are applied) and so this question is probably better located in a CentOS forum.

As long as you follow CentOS 7.3 relevant instruction for this it shouldn’t be a problem; although you may have to watch what edits Rockstor may make to the configuration file.

Hope that helps.

note: the links have a space after ‘http://’, because new users (me) can’t post links :disappointed:.

@rocksthor You are pasting only part of the openssh package version in CentOS! The real version is:

[root@~]# yum list openssh
openssh.x86_64                                      6.6.1p1-33.el7_3

Of course openssh is maintained and backported by RHEL and CentOS, its last update was on January the 18th: https://

There are newer versions of openssh available, since the most recent version is 7.4: https:// But to replace it in CentOS is a bad idea in most cases, you probably should stick with the default OS package.

If you really want to upgrade you could search for compatible Fedora packages, for example: https:// might be compatible (some more info: https://

But then again: this is not recommended and in most cases not needed.

Hope this gives you some more insight ;-).

1 Like