安装脚本
#!/bin/bash if [ ! -d /home/data ];then mkdir /home/data fi cd /home/data yum install wget -y wget -O openssh-8.3p1.tar.gz https://ftp.riken.jp/pub/OpenBSD/OpenSSH/portable/openssh-8.3p1.tar.gz wget -O zlib-1.2.11.tar.gz https://zlib.net/zlib-1.2.11.tar.gz wget -O openssl-1.1.1g.tar.gz https://www.openssl.org/source/openssl-1.1.1g.tar.gz ######保证下载的文件在/home/data里,且文件名相同 tar -zxf openssl-1.1.1g.tar.gz tar -zxf zlib-1.2.11.tar.gz tar -zxf openssh-8.3p1.tar.gz chown -R root:root /home/data #######################0end----------############################ ##1---配置Telnet,以防SSH配置过程中出现问题,可以使用Telnet登录---- setenforce 0 #关闭selinux systemctl stop firewalld #关闭 systemctl disable firewalld yum install telnet telnet-server xinetd -y #vi /etc/xinetd.conf #修改disabled = no ,即可以使用telnet服务 cp /etc/xinetd.conf /home/data/xinetd.comfbk sed -i '14a disabled = no ' /etc/xinetd.conf #在第14行增加 disabled = no echo -e 'pts/0 pts/1 pts/2 pts/3' >>/etc/securetty systemctl start telnet.socket #开启服务 systemctl start xinetd #开启服务 systemctl enable telnet.socket #开机自起服务 systemctl enable xinetd ##1end--------------------------------------------------------------- ##2 升级 OpenZlib----------------------------------------- yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel yum install -y pam* zlib* cd /home/data/zlib-1.2.11/ ./configure --prefix=/usr/local/zlib make && make install ##2end--------------------- ##3升级openssl------------- cd /home/data/openssl-1.1.1g/ ./config --prefix=/usr/local/ssl -d shared make && make install echo '/usr/local/ssl/lib' >> /etc/ld.so.conf ldconfig mv /usr/bin/openssl /home/data/opensslbk ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl ##3end--and start update SSH------------------------ ##4-----安装OpenSSH 8.3p1------- cd /home/data/openssh-8.3p1/ ./configure --prefix=/usr/local/openssh --with-ssl-dir=/usr/local/ssl --with-zlib=/usr/local/zlib make && make install mv /etc/ssh/sshd_config /home/data/sshd_config.bak cp /usr/local/openssh/etc/sshd_config /etc/ssh/sshd_config mv /usr/sbin/sshd /home/data/sshd.bak cp /usr/local/openssh/sbin/sshd /usr/sbin/sshd mv /usr/bin/ssh /home/data/ssh.bak cp /usr/local/openssh/bin/ssh /usr/bin/ssh mv /usr/bin/ssh-keygen /home/data/ssh-keygen.bak cp /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen mv /etc/ssh/ssh_host_ecdsa_key.pub /home/data/ssh_host_ecdsa_key.pub.bak cp /usr/local/openssh/etc/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub for i in $(rpm -qa |grep openssh);do rpm -e $i --nodeps ;done mv /etc/ssh/ssh_config.rpmsave /etc/ssh/ssh_config mv /etc/ssh/sshd_config.rpmsave /etc/ssh/sshd_config cp /home/data/openssh-8.3p1/contrib/redhat/sshd.init /etc/init.d/sshd chmod u+x /etc/init.d/sshd #-------------修改配置文件------------ cp /etc/init.d/sshd /home/data/sshdnewbk sed -i '/SSHD=/cSSHD=/usr/local/openssh/sbin/sshd' /etc/init.d/sshd sed -i '//usr/bin/ssh-keygen/c /usr/local/openssh/bin/ssh-keygen -A' /etc/init.d/sshd sed -i '/ssh_host_rsa_key.pub/i /sbin/restorecon /etc/ssh/ssh_host_key.pub' /etc/init.d/sshd sed -i '/$SSHD $OPTIONS && success || failure/i OPTIONS="-f /etc/ssh/sshd_config"' /etc/rc.d/init.d/sshd #---------操作sshd_config------- sed -i '/PasswordAuthentication/cPasswordAuthentication yes' /etc/ssh/sshd_config sed -i '/X11Forwarding/cX11Forwarding yes' /etc/ssh/sshd_config sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config cp -arp /usr/local/openssh/bin/* /usr/bin/ service sshd restart ##3end------------------------------------------ #----------配置开机项--------------- chkconfig --add sshd chkconfig --level 2345 sshd on chkconfig --list #----------关闭Telnet服务--------------- systemctl stop telnet.socket systemctl stop xinetd systemctl disable xinetd.service systemctl disable telnet.socket #--------清理安装过程文件--------------------- rm -fr /home/data