CentOS 7.6离线升级OpenSSH

it2023-07-26  77

备份文件夹:

[root@localhost ~]# cp -rp /etc/ssh{,.backup`date "+%Y%m%d"`}

安装依赖包(前提是有yum源,没有的话先下载yum源)

[root@localhost ~]# yum install zlib-devel  [root@localhost ~]# yum install openssl-devel  [root@localhost ~]# yum install pam-devel

源码升级openssl: [root@localhost ~]# cd /usr/local/open/    #目录自定义 [root@localhost ~]# wget http://www.openssl.org/source/openssl-1.1.1h.tar.gz [root@localhost ~]# tar zxvf openssl-1.1.1h.tar.gz [root@localhost ~]# cd openssl-1.1.1h [root@localhost ~]# ./config --prefix=/usr/local/ssl --shared  [root@localhost ~]# perl configdata.pm --dump  #显示配置数据 [root@localhost ~]# make [root@localhost ~]# make test [root@localhost ~]# make install [root@localhost ~]# echo "/usr/local/ssl/lib" >> /etc/ld.so.conf [root@localhost ~]# ldconfig [root@localhost ~]# openssl versionOpenSSL 1.0.2k-fips  26 Jan 2017 [root@localhost ~]# mv /usr/bin/openssl{,.old`date "+%Y%m%d"`} [root@localhost ~]# mv /usr/include/openssl{,.old`date "+%Y%m%d"`} [root@localhost ~]# ln -s /usr/local/ssl/include/openssl /usr/include/openssl [root@localhost ~]# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl [root@localhost ~]# openssl version  OpenSSL 1.1.1h  22 Sep 2020

源码升级openssh: [root@localhost ~]# mv /etc/ssh{,.old`date "+%Y%m%d"`} [root@localhost ~]# cd /usr/local/open/ [root@localhost ~]# wget  https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.4p1.tar.gz [root@localhost ~]# tar zxvf openssh-8.4p1.tar.gz [root@localhost ~]# cd openssh-8.4p1 [root@localhost ~]# ./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-pam --with-ssl-dir=/usr/local/ssl --with-md5-passwords --mandir=/usr/share/man --with-zlib --without-hardening [root@localhost ~]# make [root@localhost ~]# make install#更改配置文件 [root@localhost ~]# cp /etc/ssh/sshd_config{,.backup`date "+%Y%m%d"`} [root@localhost ~]# sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin\ yes/g' /etc/ssh/sshd_config【说明】检查/etc/ssh/sshd_config ---> PermitRootLogin yes  (如果需要root ssh登录,配置为yes;否则配置为no) [root@localhost ~]# cp -p /usr/bin/ssh /usr/bin/ssh.`date "+%Y%m%d"` [root@localhost ~]# cp -p /usr/local/openssh/bin/ssh /usr/bin/ssh [root@localhost ~]# systemctl restart sshd.service [root@localhost ~]# systemctl enable sshd [root@localhost ~]# systemctl status sshd

[root@zhh-test local]# ssh -VOpenSSH_8.4p1, OpenSSL 1.1.1h  22 Sep 2020

升级成功 o(* ̄▽ ̄*)ブ

最新回复(0)