Openssh7-8.8升级心路历程

mkdir /mnt/cdrom
mount -o loop -t iso9660 rhel-server-7.6-x86_64-dvd.iso /mnt/cdrom
rpm -qa | grep xinetd
rpm -ivh xinetd-2.3.15-14.el7.x86_64.rpm
service xinetd start
rpm -qa | grep yum
chmod -R -755 /dev/loop0
chmod -R 770 /home/rhel-server-7.6-x86_64-dvd.iso
chown -R root.root /home/rhel-server-7.6-x86_64-dvd.iso
mount -t iso9660 /home/rhel-server-7.6-x86_64-dvd.iso /mnt/cdrom
vi /etc/yum.repos.d/local.repo
[local]
name=local
baseurl=file:///mnt/cdrom
enabled=1
gpgcheck=0
dgpkey=file:///mnt/cdrom/RPM-GPM-GPG-KEY-CentOS-7

yum clean all && yum makecache
yum repolist
yum list | grep telnet
yum -y install telnet-server.x86_64
yum -y install telnet.x86_64
yum -y install xinted.x86_64
ps -aux | grep xin
vi /etc/xinetd.d/telnet

service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server =/usr/sbin/in.telnetd
log_on_failure += USERID
disable = no
}

systemctl enable telnet.socket
systemctl start telnet.socket
systemctl start xinetd
chkconfig --list
ps -aux | grep tel
ps -aux | grep telnet
ps -aux | grep xinte
ps -aux | grep xinted
cat /usr/sbin/in.telnetd
service iptables status
yum install iptables-services
systemctl enable iptables
systemctl start iptables
service iptables status
service iptables stop
cat /etc/pam.d/login
vi /etc/pam.d/login
netstat -ano | grep 23
adduser ld
passwd ld
su ld
vi /etc/ld.so.conf
echo "/usr/local/openssl/lib" >> /etc/ld.so.conf
ldconfig -v

openssl version
openssh version
cd /home
ll
ldconfig -v

rpm -iv zlib-devel-1.2.7-18.el7.x86_64.rpm
yum list installed | grep zlib

tar -xzvf openssl-1.1.1l.tar.gz
tar -xzvf openssh-8.8p1.tar.gz
cd openssl-1.1.1l/
yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel
yum install -y pam* zlib*
./config --prefix=/usr/local/openssl
make && make install

mv /usr/bin/openssl /usr/bin/opssl.bak
./config --prefix=/usr/local/openssl
make && make install
openssl version
openssl -V
openssl version
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
history
ldconfig -v
openssl version

521 tar -zxvf openssh-8.8p1.tar.gz
522 cd openssh-8.8p1/
523 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-tcp-wrappers --with-ssl-dir=/usr/local/lib64 --without-hardening
524 make && make install
525 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-tcp-wrappers --with-ssl-dir=/usr/local/openssl --without-hardening
526 make && make install
527 ssh -V
528 cp -a contrib/redhat/sshd.init /etc/init.d/sshd
529 cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
530 chmod u+x /etc/init.d/sshd
531 vi /etc/ssh/sshd_config
532 chkconfig --add sshd
533 chkconfig sshd on
534 systemctl restart sshd
535 /usr/ssh/sshd -t -f /etc/ssh/sshd_config
536 /usr/sbin/sshd -t -f /etc/ssh/sshd_config
537 systemctl restart sshd
538 cat /etc/ssh/sshd_config
539 vi /etc/ssh/sshd_config
540 service ssh start
541 service ssh restart
542 systemctl restart ssh
543 systemctl restart sshd
544 semanage port -l | grep ssh
545 vi /etc/ssh/sshd_config
546 systemctl restart sshd
547 systemctl status sshd.service
548 chmod 600 /etc/ssh/ssh_host_ed25519_key
549 systemctl restart sshd
550 systemctl status sshd.service
551 sshd -t
552 chmod 600 /etc/ssh/ssh_host_rsa_key
553 chmod 600 /etc/ssh/ssh_host_ecdsa_key
554 systemctl restart sshd
555 systemctl status sshd.service
556 sshd -t
557 vi /etc/ssh/ssh_config
558 systemctl restart sshd
559 sshd -t
560 vi /etc/ssh/ssh_config
561 ls
562 cd ../
563 ls
564 history
565 sshd -t
566 vi /etc/ssh/sshd_config
567 systemctl restart sshd
568 sshd -t
569 systemctl status sshd.service
570 sshd -t
571 /usr/sbin/sshd -t
572 journalctl -xe
573 sshd -t
574 systemctl restart sshd
575 ssd -v
576 ssd -V
577 ssh -V
578 systemctl restart sshd
579 history
580 yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel
581 yum install -y pam* zlib*
582 cd openssl-1.1.1l/
583 ./config --prefix=/usr/local/openssl
584 make
585 make install
586 openssl -version
587 openssl version
588 systemctl restart sshd
589 sshd -t
590 vi /etc/ssh/ssh_config
591 vi /etc/ssh/sshd_config
592 vi /root/.ssh/config
593 chmod 600 /etc/ssh/*
594 chmod +x /etc/init.d/sshd
595 chkconfig --add sshd
596 systemctl enable sshd
597 chkconfig sshd on
598 systemctl daemon-reload
599 systemctl start sshd
600 sshd -t
601 vi /etc/ssh/sshd_config
602 systemctl daemon-reload
603 systemctl start sshd
604 sshd -t
605 cd ../
606 cd openssh-8.8p1/
607 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-tcp-wrappers --with-ssl-dir=/usr/local/openssl --with-zlib=/usr/local/lib64 --without-hardening
608 vi /etc/pam.d/sshd
609 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-tcp-wrappers --with-ssl-dir=/usr/local/openssl --with-zlib=/usr/local/lib64 --without-hardening
610 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-tcp-wrappers --with-ssl-dir=/usr/local/openssl --with-zlib=/usr/local/lib64 --without-hardening
611 make
612 make install
613 make /etc/init.d/sshd restart
614 systemctl start sshd
615 systemctl status sshd.service
616 sshd -t
617 journalctl -xe
618 systemctl daemon-reload
619 systemctl start sshd
620 journalctl -xe
621 ssh -t
622 sshd -t
623 systemctl start sshd
624 journalctl -xe
625 sshd
626 journalctl -xe ssdh
627 sshd
628 sshd -t
629 Sshd
630 journalctl -xe
631 ssh -V
632 systemctl status sshd
633 systemctl daemon-reload
634 systemctl start sshd
635 systemctl status sshd
636 less /var/logs/messages
637 cat /var/empty/sshd
638 chmod -R 744 /etc/init.d/sshd
mv /lib/systemd/system/sshd.service /lib/systemd/system/sshd.service.bak

cp -a contrib/redhat/sshd.init /etc/init.d/sshd
1072 cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam

cp sshd.init /etc/init.d/

639 systemctl start sshd
640 vi /etc/
641 vi /etc/ssh/sshd_config
642 journalctl -xe
643 systemctl stop ssh.service
644 systemctl stop sshd.service
645 cat /lib/systemd/system/ssh.service
646 cat /lib/systemd/system/sshd.service
647 mv /lib/systemd/system/sshd.service /lib/systemd/system/sshd.service.bak
648 systemctl daemon-reload
649 cd /etc/init.d/

setenforce 0

GSSAPIAuthentication yes

GSSAPICleanupCredentials no

你可能感兴趣的:(Openssh7-8.8升级心路历程)