Centos6.6x系统与unbutu18.04系统升级ssh到8.3版本 (2)

./configure --prefix=http://www.likecs.com/usr --sysconfdir=http://www.likecs.com/etc/ssh --with-md5-passwords --with-pam --with-zlib=http://www.likecs.com/usr/local/zlib --with-ssl-dir=http://www.likecs.com/usr/local/openssl --with-privsep-path=http://www.likecs.com/var/lib/sshd #需要指定openssl的安装路径和zlib的安装路径

make && make install

 

1. 修改默认配置文件
根据之前配置修改,保证配置相同

2. 也可使用原来的配置文件
cd /etc/ssh
mv sshd_config sshd_config.default
cp ../ssh.old/sshd_config ./

# 使用原来的/etc/init.d/ssh
mv /etc/init.d/ssh.old /etc/init.d/ssh

 

# 取消注销指定服务
systemctl unmask ssh           

 

# 重启服务
systemctl restart ssh

 

 

---------------------------------报错-------------------------------------------

# 报错  checking whether OpenSSL's PRNG is internally seeded... yes

#       configure: error: PAM headers not found

# 解决：ubuntu： apt-get install libpam0g-dev   centos: yum -y install pam-devel

 

---------------------------------报错-------------------------------------------------------------------

# 报错： Privilege separation user sshd does not exist

vim /etc/passwd

sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin

# 注册名：口令：用户标识号：组标识号：用户名：用户主目录：命令解释程序

# /etc/passwd文件是Linux/UNIX安全的关键文件之一.该文件用于用户登录时校验 用户的口令,当然应当仅对root可写.

--------------------------------------------------------------------------------------------------------

 

 

 

 

 

Centos6（限6版本） ssh升级到8.3p脚本（超菜的写法，大神勿看）

 

#!/bin/bash

curl -o /opt/zlib-1.2.11.tar.gz > /dev/null

if [ $? == '0' ]; then

        echo "zlib源码包下载完成！！"

        else

        exit 1

fi

curl -o /opt/openssh-8.3p1.tar.gz >/dev/null

if [ $? == '0' ]; then

        echo "openssh源码包下载完成！！"

        else

        exit 1

fi

curl -o /opt/openssl-1.1.1g.tar.gz https://www.openssl.org/source/openssl-1.1.1g.tar.gz  >/dev/null

if [ $? == '0' ]; then

        echo "openssl源码包下载完成！！"

        else

        exit 1

fi

 

#rpm -q openssh > /dev/null && cat /etc/redhat-release |grep 6.* > /dev/null

 

if [ -d /etc/ssh ]; then

        mv /etc/ssh /etc/ssh.bak

        echo "备份ssh OK"

fi

 

if [ -f /etc/init.d/sshd ]; then

        mv /etc/init.d/sshd /etc/init.d/sshd.bak

        echo "备份sshd OK"

fi

 

rpm -qa |grep openssh-askpass > /dev/null

if [ $? == '0' ]; then

                rpm -e --nodeps openssh-askpass-5.3p1-104.el6.x86_64 && echo "成功卸载openssh-askpass"

fi

 

rpm -qa |grep openssh-server > /dev/null

if [ $? == '0' ]; then

                rpm -e --noscripts openssh-server-5.3p1-104.el6.x86_64 && echo "成功卸载openssh-server"

fi

 

rpm -qa |grep openssh-5.3p1 > /dev/null

if [ $? == '0' ]; then

                rpm -e --nodeps openssh-5.3p1-104.el6.x86_64 && echo "成功卸载openssh-5.3p1"

fi

 

rpm -qa |grep openssh-clients > /dev/null

if [ $? == '0' ]; then

                rpm -e --nodeps openssh-clients-5.3p1-104.el6.x86_64 && echo "成功卸载openssh-clients"

fi

 

curl -o /etc/yum.repos.d/Centos-6.repo >/dev/null  && echo "pull Centos-6.repo yes"

curl -o /etc/yum.repos.d/epel-6.repo >/dev/null  && echo "pull epel-6.repo yes"

yum clean all > /dev/null && yum makecache > /dev/null && echo "repo clan yes"

 

yum -y install gcc gcc-c++ vim pam* openssl-devel > /dev/null

 

if [ $? == '0' ];then

        echo "install依赖 yes"

        else

        exit 1

fi

 

tar zxf /opt/zlib-1.2.11.tar.gz -C /opt/ && cd /opt/zlib-1.2.11 && ./configure --prefix=http://www.likecs.com/usr/local/zlib >/dev/null && make >/dev/null && make install > /dev/null && echo "install zlib succeed"

 

if [ $? == '0' ];then

        tar zxf /opt/openssl-1.1.1g.tar.gz -C /opt/ && cd /opt/openssl-1.1.1g && ./config --prefix=http://www.likecs.com/usr/local/openssl -d shared >/dev/null && make >/dev/null && make install >/dev/null

        echo "install openssl succeed"

              else

        exit 1

fi

 

if [ $? == '0' ];then