zoukankan      html  css  js  c++  java

  • Linux 部署或升级openssh7.5p1

          运维Linux系统,部署或升级openssh是经常面临的事,以下已redhat6和redhat7为例。

          在redhat6中部署openssh会有什么坑,在编辑openssh源码包时会报一些类似的错误,如下:

         checking OpenSSL header version... 10000003 (OpenSSL 1.0.0 29 Mar 2010)
         checking OpenSSL library version... configure: error: OpenSSL >= 1.0.1 required (have "10000003 (OpenSSL 1.0.0-fips 29 Mar 2010)")

      checking OpenSSL header version... not found
         configure: error: OpenSSL version header not found.

         这是原因openssh在编辑时加上--without-hardening. 下面是写的一个shell安装openssh的过程. 在redhat7中没有这个问题.

    openssh安装脚本

#!/bin/bash
# soft openssh install

ftp -n <<EOF
open 10.204.202.67
user itom 1qaz)P(O
binary
cd soft
lcd /tmp
prompt
get openssh-7.5p1.zip
close
bye
EOF


# rpm -e ssh
ps -ef |grep sshd | grep -v grep
if [ $? -eq 0 ];then
service sshd stop
fi

LIST=`rpm -qa |grep openssh`
for i in $LIST
do
rpm -e $i --nodeps
if [ $? -eq 0 ];then
echo "$i rpm delete ok"
else
echo "$i rpm delete warn"
fi
done
if [ -d /etc/ssh ];then
mv /etc/ssh /etc/ssh.bak
fi

DIRSOFT='/tmp'
if [ -f $DIRSOFT/openssh-7.5p1.zip ];then
unzip openssh-7.5p1.zip
fi

# install zlib
sleep 3
cd zlib-1.2.11
./configure --prefix=/usr/local/zlib && make && make install
if [ $? -eq 0 ];then
echo "soft zlib install ok!"
fi
sleep 1

# install openssl
cd $DIRSOFT
tar -xzvf openssl-1.0.2l.tar.gz > /dev/null
sleep 3
cd openssl-1.0.2l
./config --prefix=/usr/local/openssl && make && make install
if [ $? -eq 0 ];then
echo "soft openssl install ok!"
fi
sleep 1
echo "/usr/local/openssl/lib/" >> /etc/ld.so.conf
ldconfig

# install openssh
cd $DIRSOFT
tar -xzvf openssh-7.5p1.tar.gz > /dev/null
sleep 3
cd openssh-7.5p1
./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/openssl
--with-zlib=/usr/local/zlib --with-md5-passwords --without-hardening && make && make install
if [ $? -eq 0 ];then
echo "soft openssh install ok!"
fi
sleep 1

cp contrib/redhat/sshd.init /etc/init.d/sshd
sed -i 's/SSHD=/usr/sbin/sshd/SSHD=/usr/local/openssh/sbin/sshd/g' /etc/init.d/sshd
sed -i 's//usr/bin/ssh-keygen -A//usr/local/openssh/bin/ssh-keygen -A/g' /etc/init.d/sshd

chkconfig --add sshd
service sshd start
echo "export PATH=/usr/local/openssh/bin:$PATH" >> /etc/profile
  • 相关阅读:
    special word count
    Regular Expression
    position 之 fixed vs sticky
    查看linux并发连接数的方法
    Linux/Unix环境下的make命令详解(转)
    Redis数据结构(转)
    maven中依懒scope说明
    mysql主从复制
    linux查看是否已经安装某个软件
    在mac下使用py2app打包python项目
  • 原文地址:https://www.cnblogs.com/mrice/p/10129839.html
Copyright © 2011-2022 走看看