centos 7 升级openssh到OpenSSH_8.2p1

一、参考
CentOS7 OpenSSH_7.4p1升级到OpenSSH_8.2p1(编译安装)
http://note.youdao.com/noteshare?id=18c98a718b38769f6d811ddf4134d042&sub=6F03F36361AF423C9481BA706A921947

CentOS7 升级OpenSSH到8.2p1后无法进行ssh远程登录
http://note.youdao.com/noteshare?id=1caba986dff3609af2c3765997a87df7&sub=DC9E2B8EF836490C86A402EDF896F7E3

二、脚本

#!/bin/bash
#安装配置telnet，预防升级过程中出现问题，导致SSH无法使用
yum install -y telnet telnet-server
systemctl enable telnet.socket
systemctl start telnet.socket
ss -tnl | grep 23
useradd telnet_test
echo "telnet_test" | passwd --stdin telnet_test

#安装编译环境并卸载旧版本OpenSSH
yum install zlib-devel openssl-devel pam-devel -y
cp -r /etc/ssh /etc/ssh.old
rpm -qa | grep openssh
rpm -e --nodeps openssh-clients
rpm -e --nodeps openssh-server
rpm -e --nodeps openssh-7.4p1
rpm -qa | grep openssh

#编译安装OpenSSH_8.2p1
cd /usr/local
tar -zxvf openssh-8.2p1.tar.gz

cd /usr/local/openssh-8.2p1/
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam
make
chmod 600 /etc/ssh/ssh_host_rsa_key
chmod 600 /etc/ssh/ssh_host_ecdsa_key
chmod 600 /etc/ssh/ssh_host_ed25519_key
make install
install -v -m755 contrib/ssh-copy-id /usr/bin

cp /etc/ssh/sshd_config{,.bak}
sed -i "s@#PermitRootLogin prohibit-password@PermitRootLogin yes@" /etc/ssh/sshd_config
sed -i "s@#PasswordAuthentication yes@PasswordAuthentication yes@" /etc/ssh/sshd_config
echo "KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,[email protected]" >> /etc/ssh/sshd_config

#配置开机启用
cd /usr/local/openssh-8.2p1/
cp -p contrib/redhat/sshd.init /etc/init.d/sshd
chmod +x /etc/init.d/sshd
chkconfig --add sshd
/sbin/chkconfig sshd on
systemctl start sshd

#验证
echo ""
echo ""
ifconfig | grep "inet"
ssh -V
systemctl status sshd | grep "Active:"