can't seem to get openssh-*

Karl Auer kauer at
Tue May 13 23:53:02 UTC 2008

On Tue, 2008-05-13 at 15:56 -0700, Steve Lamb wrote:
> On Tue, May 13, 2008 3:43 pm, Sarunas Burdulis wrote:
> > root at storas:~# apt-get update
>     Why update?  Update is very conservative.  Update will not pull in new
> packages, only update existing packages.  If an update requires a new
> package then apt-get keeps the package back.

Well, update just updates the sources list, it doesn't get actual
packages at all. But you probably mean "upgrade", which is what I (and
others) were using.

I tried

   sudo apt-get upgrade

But as first reported, that resulted in openssh-client and
openssh-server being "kept back".

Then I tried specifically upgrading those two packages:

   sudo apt-get upgrade openssh-client openssh-server

The same result - these two packages were "kept back".

But your last suggestion was the key:

>     However, if you tell apt-get to explicitly install a package it will
> install the latest version, pulling in any dependencies.  Since this is
> in response to a specific vulnerability then tell apt-get exactly what
> you want it to do.
> apt-get install openssh-client openssh-server

That worked. And it installed a dependency too, namely

I now suspect that the packages openssh-client and openssh-server were
NOT installed at all before I tried to upgrade them. Because I clearly
DID have the sshd server and the ssh client installed, I assumed it was
from packages with those names. How can I check this theory?

But: These packages are NOT actually needed, according to the security
alert. You only need to upgrade the library. So I'm really not sure
what's going on. Maybe those programs are statically compiled (would
make sense).

Anyway, the "kept back" packages are installed now. Thanks for your

Regards, K.

Karl Auer (kauer at                   +61-2-64957160 (h)                  +61-428-957160 (mob)

GPG fingerprint: DD23 0DF3 2260 3060 7FEC 5CA8 1AF6 D9E3 CFEE 6B28
Public key at  :

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the ubuntu-users mailing list