OpenSSH升级到最新版本(openssh-7.7p1.tar.gz)
1###############################################################
查看升级前的环境
[root@localhost zlib-1.2.11]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.8 (Santiago)zlib-1.2.11.tar.gz
[root@localhost ~]# rpm -qa|grep openssl
openssl-1.0.1e-48.el6.x86_64
[root@localhost ~]# rpm -qa|grep openssh
openssh-5.3p1-117.el6.x86_64
openssh-clients-5.3p1-117.el6.x86_64
openssh-server-5.3p1-117.el6.x86_64
openssh-askpass-5.3p1-117.el6.x86_64
[root@localhost ~]#
2###############################################################
到官网下载软件
zlib-1.2.11.tar.gz
openssl-1.0.2o.tar.gz
openssh-7.7p1.tar.gz
上传到/tmp下
3################################################################
安装zlib
cd /tmp
tar -zxvf zlib-1.2.11.tar.gz
cd zlib-1.2.11
./configure --prefix=/usr/local/zlib
make
make installnode
4################################################################
openSSL升级
#rpm -e ·rpm -qa|grep openssl· --nodeps (卸载openssl,能够不作)
mv /etc/ssl /etc/ssl.bak(卸载后不存在)
tar -zxvf openssl-1.0.2o.tar.gz
cd openssl-1.0.2o
./config shared --prefix=/usr/local/ssl --openssldir=/usr/local/ssl
make&& make install
mv /usr/bin/openssl /usr/bin/openssl.lod (卸载后不存在)
mv /usr/include/openssl /usr/include/openssl.old(卸载后不存在)
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/ssl/include/openssl/ /usr/include/openssl
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
echo "/usr/local/ssl//lib64" >> /etc/ld.so.conf
ln -s /usr/local/ssl/lib/libssl.so.1.0.0 /usr/lib64/libssl.so.1.0.0
ln -s /usr/local/ssl/lib/libcrypto.so.1.0.0 /usr/lib64/libcrypto.so.1.0.0
ldconfig -v
openssl version -a #查看OpenSSL版本 ssh
5#################################################################
openssh升级
rpm -e rpm -qa|grep openssh --nodeps (卸载openssh)
tar -zxvf openssh-7.7p1.tar.gz
cd openssh-7.7p1
./configure --prefix=/usr/local/openssh --with-ssl-dir=/usr/local/ssl --with-zlib=/usr/local/zlib
make && make install
cp -r /etc/ssh /etc/sshold
cp /tmp/openssh-7.7p1/contrib/redhat/sshd.init /etc/init.d/sshd
chkconfig --add sshd
cp /usr/local/openssh/etc/sshd_config /etc/ssh/sshd_config
cp /usr/local/openssh/sbin/sshd /usr/sbin/sshd
cp /usr/local/openssh/bin/ssh /usr/bin/ssh
cp /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
cp /usr/local/openssh/etc/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub(解决重启sshd报错:/sbin/restorecon: lstat(/etc/ssh/ssh_host_ecdsa_key.pub) failed: No such file or directory)ide
vi /etc/ssh/sshd_config(查看sftp后跟的路径是否正确)
Subsystem sftp /usr/local/openssh/libexec/sftp-server rest
6#######################默认root不能远程ssh登陆,须要su,如下配置root远程能够登陆
vi /etc/ssh/sshd_config
PasswordAuthentication yes
PermitRootLogin yescode
vi /etc/init.d/sshd
在$SSHD $OPTIONS && success || failure上方一行添加以下
OPTIONS="-f /etc/ssh/sshd_config"server
7#############################查看版本
service sshd restart
[root@localhost tmp]# ssh -V
OpenSSH_7.7p1, OpenSSL 1.0.2o 27 Mar 2018ssl