升级前的准备
查看当前openssh版本
[root@localhost ~]# ssh -V OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
|
上传新版本openssh
[root@localhost software]# ls -ltrh total 9.2M -rw-r--r--. 1 root root 1.5M Jun 28 09:14 openssh-7.2p2.tar.gz -rw-r--r--. 1 root root 5.1M Jun 28 09:14 openssl-1.0.2h.tar.gz -rw-r--r--. 1 root root 2.7M Jun 28 09:14 zlib-1.2.8.tar.gz
|
安装依赖包
yum -y install gcc* make perl pam pam-devel zlib zlib-devel openssl openssl-devel telnet-server
|
安装telnet并启用
# vi /etc/xinetd.d/telnet disable=no
# vi /etc/securetty pst/1 pst/2 pst/3 pst/4 pst/5 pst/6 pst/7 pst/8 pst/9 pst/10 pst/11
# service xinetd start
|
升级openssh
通过telnet连接并卸载openssh
rpm -e --nodeps openssh-askpass-5.3p1-84.1.el6.x86_64 rpm -e --nodeps openssh-5.3p1-84.1.el6.x86_64 rpm -e --nodeps openssh-clients-5.3p1-84.1.el6.x86_64 rpm -e --nodeps openssh-server-5.3p1-84.1.el6.x86_64
|
安装zlib
# tar -xvf zlib-1.2.8.tar.gz # ./configure --prefix=/usr/local/zlib && make && make install
|
安装openssl
# tar -xvf openssl-1.0.2h.tar.gz # ./config --prefix=/usr/local/openssl # make depend # make && make install
|
安装openssh
# tar -xvf openssh-7.2p2.tar.gz # ./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh \ -with-ssl-dir=/usr/local/openssl --with-zlib=/usr/local/zlib \ --with-md5-passwords --without-hardening && make && make install
|
拷贝sshd服务到/etc/init.d下
# cp /software/openssh-7.2p2/contrib/redhat/sshd.init /etc/init.d/sshd # chmod +x /etc/init.d/sshd
|
修改sshd配置
# vi /etc/init.d/sshd SSHD=/usr/local/openssh/sbin/sshd # /usr/local/openssh/bin/ssh-keygen -A
|
sshd自启动
# chkconfig --add sshd # chkconfig --list |grep sshd sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off # service sshd start
|
Tips:安装完成默认不允许root用户远程登陆,需要修改PermitRootLogin为yes
修改环境变量
# echo "export PATH=$PATH:/usr/local/openssh/bin" >> /etc/profile
|
查看ssh版本并卸载telnet
# ssh -V OpenSSH_7.2p2, OpenSSL 1.0.2h 3 May 2016
# service stop xinetd # rpm -e --nodeps telnet*
|