zoukankan      html  css  js  c++  java

  • CentOS7升级openssh8.0

    脚本升级

    #!/bin/bash
#script to upgrade OpenSSH(8.0)


#backup SSH conf
mkdir -p /tmp/ssh-backup
mv /etc/ssh/* /tmp/ssh-backup
#backup pam
cp /etc/pam.d/sshd{,.old}
#尽量yum升级至默认版本,OpenSSH_7.4p1
yum update openssh -y


#为防止万一,先安装配置telnet
yum -y install telnet telnet-server xinetd
#在/etc/securetty文件末尾添加内容:
echo "pts/0" >> /etc/securetty
echo "pts/1" >> /etc/securetty
echo "pts/2" >> /etc/securetty
echo "pts/3" >> /etc/securetty
#启动telnet服务并设置开机自动启动
systemctl enable xinetd
systemctl enable telnet.socket 
systemctl start telnet.socket
if [ $? -eq 0 ]; then
     echo "succeed for telent" >> /tmp/update-openssl.log
else
     echo "failed" for telnet >> /tmp/update-openssl.log
fi
systemctl start xinetd
netstat -lntp|grep 23


#安装依赖组件,注意将编译安装的高版本剔除出yum列表
yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel  pam-devel
#安装zlib和pam
yum install  -y pam* zlib*
#升级openssl
#https://www.cnblogs.com/suminem/p/13625172.html


#upgrade OpenSSH
cd /usr/src
wget https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz
tar xfz openssh-8.0p1.tar.gz 
cd openssh-8.0p1
./configure --prefix=/usr/ --sysconfdir=/etc/ssh  --with-openssl-includes=/usr/local/ssl/include --with-ssl-dir=/usr/local/   --with-zlib   --with-md5-passwords   --with-pam && make && make install
if [ $? -eq 0 ]; then
     echo "succeed for install openssh" >> /tmp/update-openssl.log
else
     echo "failed for install openssh" >> /tmp/update-openssl.log
fi
#Modify sshd_config
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
sed -i 's/#StrictModes yes/StrictModes no/g' /etc/ssh/sshd_config
#复制配文件并配置开机启动
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
chmod +x /etc/init.d/sshd
mv /usr/lib/systemd/system/sshd.service /tmp/ssh-backup
chkconfig sshd on
systemctl restart sshd
if [ $? -eq 0 ]; then
     echo "succeed for start sshd" >> /tmp/update-openssl.log
else
     echo "failed for start sshd" >> /tmp/update-openssl.log
fi


#检验成功后关闭telent
systemctl stop xinetd
yum remove -y telnet-server
systemctl start xinetd

      
  • 相关阅读:
    POJ 3458 Colour Sequence(简单题)
    Cygwin下vim按方向键出现ABCD;
    算法之旅——归并排序
    poj 2769 Reduced ID Numbers(memset使用技巧)
    Restlet+Fastjson 高速构建轻量级 Java RESTful Webservice
    poj 1659 Frogs' Neighborhood (度序列)
    PHP监測memcache服务端的执行状况
    机器学习之倚门回首嗅青梅
    Threejs 官网
    sqlserver安全加固
  • 原文地址:https://www.cnblogs.com/suminem/p/13689620.html
Copyright © 2011-2022 走看看