zoukankan      html  css  js  c++  java
  • CentOS openssh升级至7.4版本

    1.原环境:

    cat /etc/issue

    CentOS release 6.5 (Final)

     

    ssh -V

    OpenSSH_7.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013

     

    2.备份ssh目录:

    cp -rf /etc/ssh /etc/ssh.bak

     

    3.首先查看本机telnet安装情况,如有输出则无需再进行安装:rpm -qa telnet-server

     

    4.如无telnet则需进行安装,避免ssh升级出现问题,无法远程管理:yum install telnet-server

    (安装好telnet后,为确保安全,需提前测试是否能在windows系统下telnet连接至linux服务器)

     

    5.修改配置文件:

    vi /etc/xinetd.d/telnet
    service telnet
    {
            flags           = REUSE
            socket_type     = stream
            wait           = no
            user           = root
            server          = /usr/sbin/in.telnetd
            log_on_failure  += USERID
            disable         = no
    }
    默认不允许root登录,
    vi /etc/securetty增加
    pts/0
    pts/1
    pts/2
    /etc/init.d/xinetd restart
    这样root可以telnet登录了

    6.解压安装ssh:
    openssh7.4的安装包:http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
    找到openssh-7.4p1.tar.gz 下载
    即可


    tar -zxvf openssh-7.4p1.tar.gz 

    cd openssh-7.4p1

    ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-md5-passwords --with-tcp-wrappers
    (在执行以上这条命令时,如出现error的错误,代表这里缺少依赖包,可根据不同提示信息进行下载安装,缺少包的情况会有:zlib、openssl-devel、pam等)

    make

    make install

    安装成功后会提示:
    /etc/ssh/ssh_config already exists, install will not overwrite
    /etc/ssh/sshd_config already exists, install will not overwrite
    /etc/ssh/moduli already exists, install will not overwrite
    ssh-keygen: generating new host keys: ECDSA ED25519 
    /usr/sbin/sshd -t -f /etc/ssh/sshd_config
    /etc/ssh/sshd_config line 81: Unsupported option GSSAPIAuthentication
    /etc/ssh/sshd_config line 83: Unsupported option GSSAPICleanupCredentials

    7.修改配置文件,允许root登录:
    vi /etc/ssh/sshd_config
    #PermitRootLogin yes
    修改为
    PermitRootLogin yes

    命令:sed -i '/^#PermitRootLogin/s/#PermitRootLogin yes/PermitRootLogin yes/' /etc/ssh/sshd_config

    8.重启openssh
    service sshd restart

    9.查看升级后的版本:
    ssh -V
    OpenSSH_7.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013




    原文出处:http://blog.csdn.net/zhangguoliang521/article/details/62042306
  • 相关阅读:
    数组指针和指针数组的区别
    C++虚函数
    C++容器
    红黑树
    COM RTS/CTS, DTR/DSR
    linux和windows多线程的异同
    socket
    C++vector使用
    select函数详解
    linux下头文件
  • 原文地址:https://www.cnblogs.com/dukeshi/p/8134061.html
Copyright © 2011-2022 走看看