最新版openssh 6.6p1  openssl 1.0.1l 升级碰到一些问题做了笔记。

开启telnet,SSH不能工作时,也可以用telnet

vi /etc/xinetd.d/krb5-telnet

        service telnet

{

        flags           = REUSE

        socket_type     = stream

        wait            = no

        user            = root

        server          = /usr/kerberos/sbin/telnetd

        log_on_failure  += USERID

        disable         = no

}


servcie xinetd restart




一、zlib升级

解压zlib

make uninstall

./configure-prefix=/usr/local/zlib

make

makeinstall

 

在/etc/profile中加入以下,重新登录生效。

 LIBRARY_PATH=/usr/local/zlib-1.2.8/lib/:$LIBRARY_PATH

export  LIBRARY_PATH

LD_LIBRARY_PATH=/usr/local/zlib-1.2.8/lib/:$LD_LIBRARY_PATH

export  LD_LIBRARY_PATH

C_INCLUDE_PATH=/usr/local/zlib-1.2.8/include/:$C_INCLUDE_PATH

exportC_INCLUDE_PATH


二、Openssl升级

解压opensll

./config  --openssldir=/usr/local/openssl shared zlib

 

make

make test

make install

 

/etc/profile中加入以下,重新登录生效。

PATH=/usr/local/openssl/bin:$PATH

export PATH

 

 

echo"/usr/local/openssl/lib" >> /etc/ld.so.conf

 

ldconfig -v|grep local

 

openssl version -a


openssh升级

 



 rpm -e `rpm -qa|grep openssh` 

 

./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-pam  --with-md5-passwords    --mandir=/usr/share/man --with-zlib=/usr/local/zlib  --with-ssl-dir=/usr/local/openssl

make

make install

 

以下步骤不加会报错,因为openssh升级了,以前的参数不适应。

cp -p  contrib/redhat/sshd.init /etc/init.d/sshd

chmod u+x  /etc/init.d/sshd

chkconfig  --add  sshd

chkconfig  sshd on

cp /usr/local/openssh/sbin/sshd  /usr/sbin/sshd

 cp /usr/local/openssh/bin/ssh-keygen /usr/bin/


/etc/profile

PATH=/usr/local/openssh/bin/:$PATH

export PATH

 

service sshd restart


 最后关闭telnet

vi /etc/xinetd.d/krb5-telnet

        service telnet

{

        flags           = REUSE

        socket_type     = stream

        wait            = no

        user            = root

        server          = /usr/kerberos/sbin/telnetd

        log_on_failure  += USERID

        disable         = yes

}


servcie xinetd restart