Centos6.6升级ssh5.3版本到ssh8.3版本
下载所需要的源码包:
]#wget https://files-cdn.cnblogs.com/files/luckjinyan/zlib-1.2.11.tar.gz
]#wget https://files-cdn.cnblogs.com/files/luckjinyan/openssh-8.3p1.tar.gz
]#wget https://files-cdn.cnblogs.com/files/luckjinyan/openssl-1.1.1g.tar.gz
备份当前openssh
# cp/etc/ssh /etc/ssh.bak
# cp /etc/init.d/sshd /etc/init.d/sshd.abk
卸载旧的版本
# rpm -e –nodeps openssh-xxx(使用这条命令逐个卸载)
rpm -e --nodeps openssh-askpass-5.3p1-104.el6.x86_64
rpm -e --nodeps openssh-server-5.3p1-104.el6.x86_64
rpm -e --nodeps openssh-5.3p1-104.el6.x86_64
rpm -e --nodeps openssh-clients-5.3p1-104.el6.x86_64
卸载时报错,解决:
rpm -e --noscripts openssh-server-5.3p1-104.el6.x86_64
配置阿里yum源
curl -O
curl -O
yum clean all && yum makecache
yum -y install gcc gcc-c++ vim pam* openssl-devel (先安装要使用的工具)
注:pam*测试时未安装 若安装在进行openssh配置时需加上--with-pam=enable
解压 (-C 可以指定解压到指定的目录)
]#tar zxf zlib-1.2.11.tar.gz
]#tar zxf openssl-1.1.1g.tar.gz
]#tar zxf openssh-8.3p1.tar.gz
编译安装zlib
cd zlib-1.2.11
./configure --prefix=http://www.likecs.com/usr/local/zlib
make && make install
编译安装openssl
cd openssl-1.1.1g ./config --prefix=http://www.likecs.com/usr/local/openssl -d shared make && make install mv /usr/bin/openssl /usr/bin/openssl.bak mv /usr/include/openssl /usr/include/openssl.bak ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl ln -s /usr/local/openssl/include/openssl /usr/include/openssl ln -s /usr/local/openssl/lib/libssl.so /usr/lib64/libssl.so //目前发现这一步有错误,可不做 echo '/usr/local/openssl/lib' >> /etc/ld.so.conf ldconfig -v openssl version
安装openssh
cd openssh-8.3p1 ./configure --prefix=http://www.likecs.com/usr --sysconfdir=http://www.likecs.com/etc/ssh --with-zlib=http://www.likecs.com/usr/local/zlib --with-ssl-dir=http://www.likecs.com/usr/local/openssl --with-md5-passwords make && make install
sshd_config文件修改
echo 'PermitRootLogin yes' >>/usr/local/openssh/etc/sshd_config echo 'PubkeyAuthentication yes' >>/usr/local/openssh/etc/sshd_config echo 'PasswordAuthentication yes' >>/usr/local/openssh/etc/sshd_config 解===>>> PermitRootLogin yes #允许root认证登录 PasswordAuthentication yes #允许密码认证RSAAuthentication yes #秘钥认证 PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys #默认公钥存放的位置
备份原有文件,并将新的配置复制到指定目录
cp -p /root/openssh-8.3p1/contrib/redhat/sshd.init /etc/init.d/sshd
cp -p /root/openssh-8.3p1/contrib/redhat/sshd.pam /etc/pam.d/sshd.pam(使用pam需拷贝)
启动sshd
service sshd restart centos7可直接使用systemctl进行管理查看信息版本
ssh -V 或者 sshd -v
ubuntu升级ssh到8.3版本
更改apt源为阿里源
vi /etc/apt/sources.list 添加以下内容
deb bionic main restricted universe multiverse
deb-src bionic main restricted universe multiverse
deb bionic-security main restricted universe multiverse
deb-src bionic-security main restricted universe multiverse
deb bionic-updates main restricted universe multiverse
deb-src bionic-updates main restricted universe multiverse
deb bionic-backports main restricted universe multiverse
deb-src bionic-backports main restricted universe multiverse
deb bionic-proposed main restricted universe multiverse
deb-src bionic-proposed main restricted universe multiverse
--------------------------------------------------------------------------------------------------------------------
更新一下apt库:
apt update
解压 (-C 可以指定解压到指定的目录)
]#tar zxf zlib-1.2.11.tar.gz
]#tar zxf openssl-1.1.1g.tar.gz
]#tar zxf openssh-8.3p1.tar.gz
安装gcc编译工具
apt-get install gcc make libpam0g-dev
编译zlib
./configure --prefix=http://www.likecs.com/usr/local/zlib
make
make install
编译安装openssl
cd openssl-1.1.1g ./config --prefix=http://www.likecs.com/usr/local/openssl -d shared make && make install mv /usr/bin/openssl /usr/bin/openssl.bak mv /usr/include/openssl /usr/include/openssl.bak ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl ln -s /usr/local/openssl/include/openssl /usr/include/openssl ln -s /usr/local/openssl/lib/libssl.so /usr/lib64/libssl.so //目前发现执行这一步有错误,可跳过 echo "/usr/local/openssl/lib" > /etc/ld.so.conf.d/openssl.conf //这一步与centos有一些区别 ldconfig openssl version //查看版本
# 备份原openssh文件
mv /etc/ssh /etc/ssh.bak
mv /etc/init.d/ssh /etc/init.d/ssh.bak
# 卸载原openssh
apt-get remove openssh-server openssh-client
cd openssh-8.3p1