zoukankan      html  css  js  c++  java

  • Linux——OpenSSH如何升级到最新版本

    前言

    官网

    安装说明

    下载 | FTP

    下载 | RSYNC

    下载 | HTTP

    步骤

    升级脚本

    具体的内容请查看脚本内容

    #!/bin/bash

## 查看现有的ssh的版本并升级到最新版本
cd /opt
ssh -V
openssl version
yum update openssh -y

## 安装启动并配置telnet服务 | 防止ssh升级失败无法访问服务器
yum install -y telnet-server* telnet xinetd
systemctl enable xinetd.service
systemctl enable telnet.socket
systemctl start telnet.socket
systemctl start xinetd.service
echo 'pts/0' >>/etc/securetty
echo 'pts/1' >>/etc/securetty
echo 'pts/2' >>/etc/securetty

## 升级ssh
yum install  -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel  pam-devel
yum install  -y pam* zlib*
wget -c https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.1p1.tar.gz
wget -c https://ftp.openssl.org/source/openssl-1.0.2r.tar.gz
tar xfz openssh-8.1p1.tar.gz
tar xfz openssl-1.0.2r.tar.gz
mv /usr/bin/openssl /usr/bin/openssl_bak
mv /usr/include/openssl /usr/include/openssl_bak
cd /opt/openssl-1.0.2r
./config shared && make && make install
echo $?
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/ssl/include/openssl /usr/include/openssl
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
/sbin/ldconfig
openssl version
cd /opt/openssh-8.1p1
chown -R root.root /opt/openssh-8.1p1
cp -r  /etc/ssh /tmp/
rm -rf /etc/ssh
./configure --prefix=/usr/ --sysconfdir=/etc/ssh  --with-openssl-includes=/usr/local/ssl/include --with-ssl-dir=/usr/local/ssl   --with-zlib   --with-md5-passwords   --with-pam  && make && make install
echo $?
 
cat > /etc/ssh/sshd_config <<EOF
PermitRootLogin yes
AuthorizedKeysFile      .ssh/authorized_keys
UseDNS no
Subsystem       sftp    /usr/libexec/sftp-server
EOF
grep "^PermitRootLogin"  /etc/ssh/sshd_config
cat /tmp/ssh/sshd_config |grep -v '#' |grep -v '^$'
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
chmod +x /etc/init.d/sshd
chkconfig --add sshd
systemctl enable sshd
mv  /usr/lib/systemd/system/sshd.service  /opt/
mv  /usr/lib/systemd/system/sshd.socket  /opt/
chkconfig sshd on
service sshd restart
openssl version
ssh -V

    关闭telnet服务

    自测后如果没有问题的话,自行把telnet服务关闭

    systemctl disable xinetd
systemctl disable telnet.socket
systemctl stop xinetd.service
systemctl stop telnet.socket

    效果如下
  • 相关阅读:
    愚人节的礼物
    Image Transformation
    Rails
    Google Map
    Code Formatter
    ACboy needs your help again!
    Geek's Collection(幂运算)
    Train Problem I
    Beautiful Meadow
    Card Trick(模拟)
  • 原文地址:https://www.cnblogs.com/wangyang0210/p/12552040.html
Copyright © 2011-2022 走看看