#0.Set Path /usr/local/src SOFT_ZLIB=zlib-1.2.11 SOFT_OPENSSL=openssl-1.0.2o SOFT_OPENSSH=openssh-7.9p1 DATE_TIME=`date +'%Y%m%d'` #backup mkdir /root/ssh_bak${DATE_TIME}/ #install rpm packages yum -y install gcc* make perl pam pam-devel #1.uncompress zlib cd /usr/local/src tar -zxvf ${SOFT_ZLIB}.tar.gz cd ${SOFT_ZLIB} #isntall zlib ./configure --prefix=/usr --shared make make install #5. intatll openssl cd /usr/local/src tar -zxvf ${SOFT_OPENSSL}.tar.gz cd ${SOFT_OPENSSL} ./config -fPIC threads shared zlib make make test make install mkdir -p /root/ssh_bak${DATE_TIME}/include mv /usr/bin/openssl /root/ssh_bak${DATE_TIME}/ \mv /usr/include/openssl /root/ssh_bak${DATE_TIME}/include #//if not exists ,ignore ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl ln -s /usr/local/ssl/include/openssl /usr/include/openssl #//if not exists ,ignore #2. chmod 755 /usr/local/ssl echo "/usr/local/ssl/lib" >> /etc/ld.so.conf /sbin/ldconfig -v #show version openssl version -a #3.backup scripts \cp /etc/init.d/sshd /root/ssh_bak${DATE_TIME}/ #4.uninstall openssh rpm -qa |grep openssh |sort #uninstall openssh rpm -e --nodeps `rpm -qa |grep openssh` #install openssl #1.backup mv /etc/ssh /root/ssh_bak${DATE_TIME}/ cd /usr/local/src tar -zxvf ${SOFT_OPENSSH}.tar.gz cd ${SOFT_OPENSSH} ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-zlib --with-ssl-dir=/usr/local/ssl \ --with-md5-passwords --mandir=/usr/share/man --with-pam make make install #2.start sshd cp -p contrib/redhat/sshd.init /etc/init.d/sshd chmod +x /etc/init.d/sshd chkconfig --add sshd chkconfig sshd on \cp sshd_config /etc/ssh/sshd_config \cp sshd /usr/sbin/sshd \cp ssh-keygen /usr/bin/ssh-keygen #3.ssh port #vi /etc/ssh/sshd_config sed -i '/#Port/s/22/22/' /etc/ssh/sshd_config sed -i '/#Port/s/#//' /etc/ssh/sshd_config #(2)PermitRootLogin #PermitRootLogin #before Modify: #PermitRootLogin without-password #alter Modify : PermitRootLogin yes sed -i '/#PermitRootLogin/s/#//' /etc/ssh/sshd_config sed -i '/PermitRootLogin/s/prohibit-password/yes/' /etc/ssh/sshd_config #(3)touch ssh_host_key.pub touch /etc/ssh/ssh_host_key.pub #restart sshd nohup service sshd restart & #4.Try ssh -V #OpenSSH_7.5p1, OpenSSL 1.0.2o 27 Mar 2018 rpm -qa |grep openssh ln -s /usr/local/bin/ssh /usr/bin/ssh
