1.原环境:
cat /etc/issue
CentOS release 6.5 (Final)
ssh -V
OpenSSH_7.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
2.备份ssh目录:
cp -rf /etc/ssh /etc/ssh.bak
3.首先查看本机telnet安装情况,如有输出则无需再进行安装:rpm -qa telnet-server
4.如无telnet则需进行安装,避免ssh升级出现问题,无法远程管理:yum install telnet-server
(安装好telnet后,为确保安全,需提前测试是否能在windows系统下telnet连接至linux服务器)
5.修改配置文件:
vi /etc/xinetd.d/telnet
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = no
}
默认不允许root登录,
vi /etc/securetty增加
pts/0
pts/1
pts/2
/etc/init.d/xinetd restart
这样root可以telnet登录了
6.解压安装ssh:
openssh7.4的安装包:http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
找到openssh-7.4p1.tar.gz 下载即可
tar -zxvf openssh-7.4p1.tar.gz
cd openssh-7.4p1
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-md5-passwords --with-tcp-wrappers
(在执行以上这条命令时,如出现error的错误,代表这里缺少依赖包,可根据不同提示信息进行下载安装,缺少包的情况会有:zlib、openssl-devel、pam等)
make
make install
安装成功后会提示:
/etc/ssh/ssh_config already exists, install will not overwrite
/etc/ssh/sshd_config already exists, install will not overwrite
/etc/ssh/moduli already exists, install will not overwrite
ssh-keygen: generating new host keys: ECDSA ED25519
/usr/sbin/sshd -t -f /etc/ssh/sshd_config
/etc/ssh/sshd_config line 81: Unsupported option GSSAPIAuthentication
/etc/ssh/sshd_config line 83: Unsupported option GSSAPICleanupCredentials
7.修改配置文件,允许root登录:
vi /etc/ssh/sshd_config
#PermitRootLogin yes
修改为
PermitRootLogin yes
命令:sed -i '/^#PermitRootLogin/s/#PermitRootLogin yes/PermitRootLogin yes/' /etc/ssh/sshd_config
8.重启openssh
service sshd restart
9.查看升级后的版本:
ssh -V
OpenSSH_7.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013
原文出处:http://blog.csdn.net/zhangguoliang521/article/details/62042306