openssh升级至8.0

Openssh升级

https://www.cnblogs.com/nmap/p/10779658.html

 

一、安装依赖

yum update openssh -y

yum install  -y pam* zlib*

yum install  -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel  pam-devel

 

 

二、安装openssl-1.0.2r.tar.gz     下载 https://ftp.openssl.org/source/

tar xf openssl-1.0.2r.tar.gz

cd openssl-1.0.2r/

openssl version

mv /usr/bin/openssl /usr/bin/openssl_bak

mv /usr/include/openssl /usr/include/openssl_bak

./config shared && make && make install

ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

ln -s /usr/local/ssl/include/openssl /usr/include/openssl

echo "/usr/local/ssl/lib" >> /etc/ld.so.conf

/sbin/ldconfig

openssl version

 

 

三、安装penssh-8.0p1.tar.gz     下载 https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/

tar xf openssh-8.0p1.tar.gz

cd openssh-8.0p1/

chown -R root.root ./

mv /etc/ssh /etc/ssh_bak

./configure --prefix=/usr/ --sysconfdir=/etc/ssh  --with-openssl-includes=/usr/local/ssl/include  --with-ssl-dir=/usr/local/ssl   --with-zlib   --with-md5-passwords   --with-pam  && make && make install

cp -a contrib/redhat/sshd.init /etc/init.d/sshd

cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam

chmod +x /etc/init.d/sshd

 chkconfig --add sshd

systemctl enable sshd

mv  /usr/lib/systemd/system/sshd.service  /usr/lib/systemd/system/sshd.service_bak

chkconfig sshd on

 

四、修改配置文件，并关闭selinux

1、PasswordAuthentication yes、PubkeyAuthentication yes、PasswordAuthentication yes

2、sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config

      setenforce 0

 

 

五、重启

/etc/init.d/sshd restart

systemctl restart sshd

ssh -V