Upgrade SSH Remotely

August 10, 2004, updated August 10, 2004

There may come a time when you need to upgrade SSH remotely, while logged in remotely with SSH. You might think this poses a problem, but there's a really simple solution.

If this server is in another country I'd follow these directions very carefully.

  • Log into the remote machine with one SSH session.
  • Unzip, configure, and compile the new version of SSH. Don't install just yet.
  • Run "ps -aux | grep ssh". There should be two sshd processes running: the one you are currently logged in through and the daemon server. If other people are logged in there will be more.
  • Here's the most vital part. Kill all instances of sshd that are NOT the one instance you are connected to. If you kill the one you are currently logged into, you're screwed. Run "kill -9 pid" to kill each of them. You can compare the start time listed by "ps -aux" with the login time shown by something like "who" to help determine which one is you. There are tons of ways to determine this, so use whatever you are most comfortable with to avoid killing yourself.
  • Now that there is only one child sshd running, the one you are connected to, install ssh with "make install".
  • Restart sshd with "/sbin/service sshd restart".
  • The new version will now be used when you connect. Make sure you can log in with a new session, and test the ssh version to make sure it's the latest (it will be).
  • Disconnect your old session used to do the install (which is still using the old version) and it will die.
  • All done. The new version of SSH is now running.
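
One way to settle which sshd is yours before the kill step, shown as an added example that is not part of the original post: walk the parent chain up from your own shell. The function names and the sample process table are made up for illustration, and the script assumes sshd runs as a standalone daemon, so the topmost sshd ancestor is the listener.

```sh
#!/bin/sh
# Added example. Tables are "PID PPID COMMAND" lines, the format printed by:
#   ps -e -o pid= -o ppid= -o comm=

# Constructed sample (not from a real host): listener 812, our privilege-
# separated session 2301/2305 with shell 2306, another user's session 2410/2414.
SAMPLE_PS='1 0 init
812 1 sshd
2301 812 sshd
2305 2301 sshd
2306 2305 bash
2410 812 sshd
2414 2410 sshd
2415 2414 bash'

# session_sshd_pids START_PID TABLE
# Walk up from START_PID and print each sshd ancestor whose parent is also
# sshd. The topmost sshd (parent is not sshd) is assumed to be the listening
# daemon and is left out, since it does not carry the connection.
session_sshd_pids() {
    printf '%s\n' "$2" | awk -v start="$1" '
        { ppid[$1] = $2; comm[$1] = $3 }
        END {
            for (p = start; (p in ppid) && p != 0; p = ppid[p])
                if (comm[p] ~ /^sshd/ && comm[ppid[p]] ~ /^sshd/) {
                    printf "%s%s", sep, p; sep = " "
                }
            print ""
        }'
}

# other_sshd_pids START_PID TABLE
# Print every sshd PID outside the caller's session: the listener and other
# logins, which is the set the procedure kills before "make install".
other_sshd_pids() {
    keep=" $(session_sshd_pids "$1" "$2") "
    printf '%s\n' "$2" | awk -v keep="$keep" '
        $3 ~ /^sshd/ && index(keep, " " $1 " ") == 0 {
            printf "%s%s", sep, $1; sep = " "
        }
        END { print "" }'
}

# Live use, from the SSH shell itself (review the second list before killing):
#   table=$(ps -e -o pid= -o ppid= -o comm=)
#   session_sshd_pids "$$" "$table"
#   other_sshd_pids "$$" "$table"
```

If the first function prints nothing, the shell is not running under sshd (a console login, for instance), and nothing on the second list protects your connection.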

There are a couple other ways to do this. Some people like to use a timed script that will stop the server, run make install, and then restart the service. If you ask me, that's pretty damn risky. Anything can go wrong.

1 Comment

Comment April 17, 2009 by anonymous
Another option:

1. Rename the old sshd binary
2. Modify the old sshd config to have it run on a non-standard port, and reload
3. Rename the old sshd config (so it doesn't conflict with the new one...)
4. Connect to the old sshd on the non-standard port
5. Install the new sshd via whatever method is appropriate
6. Start the new sshd on the proper port
7. Connect to the new sshd to verify that it works
8. Close the connection to the old sshd, then stop it

voila.