openssl-1.0.1f on Ubuntu 14.04 x64 with SSLv2 enabled

Pre-requisits Packages

sudo apt-get install libssl-dev devscripts dpkg-dev cdbs debhelper dh-autoreconf libev-dev libpcre3-dev pkg-config -y


OpenSSL openssl-1.0.1f Patching

Now openssl in ubunutu is compiled without sslv2 because it’s insecure (don’t install openssl like this on a production server), but some security tools use openssl to do cipher checks such as SSLSCAN which needs it enabled in order to check for the insecure ssl version. In order to enable sslv2 the package needs to be needs to be re-configued without the nossl flag. First let’s grab the source.

apt-get source openssl

Now you have a load of files in your directory, your going to want to cd to the openssl-1.0.1f directory have contains the source code and compile script.
Next we need to edit the file in debain/rules. Remove the “no-ssl2” so it looks like the line commented below.

cd openssl-1.0.1f
nano debian/rules
#CONFARGS  = --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib/$(DEB_HOST_MULTIARCH) no-idea no-mdc2 no-rc5 no-zlib  enable-tlsext $(ARCH_CONFARGS)

Next we will add a comment and commit the change. Then re-build the package, this is going to take some time so skip down to the nmap part and download the source.
You might get some error says copyright was unable to be verified, ignore it.

dch –n 'Allow SSLv2'
dpkg-source --commit
debuild -uc -us

Now cd .. and ls and you will see all the deb packages built.
To install all of them use dpkg -i *ssl*.deb

cd ..
dpkg -i *ssl*.deb

Now let’s test out openssl!

openssl s_client -connect www.somewebiste.blah:443 -ssl2

You will get unknown hostname instead of unknown argument which means openssl is working.

Ref :

  1. But, unlike some instruments kids are presented to learn,
    they teach a youngster about harmony and chords. Keep your
    shoulders still and you will probably enhance your breathing immediately.
    Shutter Speed To freeze the birds motion because it flies aim for an increased shutter

  2. Simply wish to say your article is as astounding. The clearness in your post is simply cool and i could assume you are an expert on this subject.

    Well with your permission allow me to grab your feed to keep up
    to date with forthcoming post. Thanks a million and please carry on the enjoyable work.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.