openssh 8.0 rpm 制作

yum install rpm-build zlib-devel openssl-devel gcc perl-devel pam-devel unzip -y 

mkdir -p /root/rpmbuild/{SOURCES,SPECS}

 cd /root/rpmbuild/SOURCES 

wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz 

wget https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz 

tar zxvf openssh-8.0p1.tar.gz  openssh-8.0p1/contrib/redhat/openssh.spec 

mv openssh-8.0p1/contrib/redhat/openssh.spec ../SPECS/ 

chown sshd:sshd /root/rpmbuild/SPECS/openssh.spec 

cp /root/rpmbuild/SPECS/openssh.spec /root/rpmbuild/SPECS/openssh.spec_def 

sed -i -e "s/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g" /root/rpmbuild/SPECS/openssh.spec 
sed -i -e "s/%define no_x11_askpass 0/%define no_x11_askpass 1/g" /root/rpmbuild/SPECS/openssh.spec 

vim openssh.spec 

注释掉 BuildRequires: openssl-devel < 1.1 因为目前安装的版本都低于1.1

cd /root/rpmbuild/SPECS/ 

rpmbuild -ba openssh.spec


cp /etc/pam.d/sshd /etc/pam.d/sshd.old
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.old
cat /etc/pam.d/sshd.old > /etc/pam.d/sshd
cat /etc/ssh/sshd_config.old > /etc/ssh/sshd_config

rpm -Uvh *.rpm

rm -rf /etc/ssh/ssh_host_*key
/etc/init.d/sshd restart >/dev/null 2>&1



安装注意：

########################################
Vi修改/etc/ssh/sshd_config文件，修改如下内容：
 
#PermitRootLogin prohibit-password  修改为PermitRootLogin yes
#UsePAM no 修改为  UsePAM yes

/etc/pam.d/sshd  要覆盖原来的文件  不然密码验证不通过

https://www.openssl.org/source/

安装脚本

#!/bin/bash
##########################################################
##                                                      ##
## Script Name:install-openssh for Redhat-CenOS-6.0~7.6 ##
## By：Eren 2019-08-29                                  ##
##                                                      ##
##########################################################
###
echo ---- config file copy ......Please Wait ----
cp /etc/pam.d/sshd /tmp/
cp /etc/ssh/sshd_config /tmp/
if [ $? == 1 ]
then
    echo "cp failed "                                                         
        
    exit 0
fi
###
echo ---- install-openssh ......Please Wait ----
###
os=`cat /etc/redhat-release|sed -r 's/.* ([0-9]+)..*/1/'`
if [ $os == 6 ];then
	rpm -Uvh *el6*.rpm 
else 
	rpm -Uvh  *el7*.rpm	
fi
echo ---- install-openssh installation is Complete ----
###
cat /tmp/sshd >  /etc/pam.d/sshd
cat /tmp/sshd_config > /etc/ssh/sshd_config
###
#sed -i '/#UsePAM no/aUsePAM yes' /etc/ssh/sshd_config
###
rm -rf /etc/ssh/ssh_host_*key
/etc/init.d/sshd restart >/dev/null 2>&1
###
ssh -V