一个80后
程序员的笔记

升级CentOS自带的OpenSSH到openssh-9.0p1

因为怕升级失败没办法远程,建议先安装telnet

yum -y install telnet-server.x86_64
yum list | grep telnet-server
yum -y install xinetd
yum list | grep xinetd
# 设置开机启动
systemctl enable telnet.socket
systemctl enable xinetd
# 启动telnet服务
systemctl start telnet.socket
systemctl start xinetd
# 查看23端口是否运行
netstat -lntup
# 在配置文件增加如下2行内容
vim /etc/securetty

pts/0
pts/1

安装openssh

# 下载地址:ttps://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
# https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz
wget https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz
tar xvf openssh-9.0p1.tar.gz 
cd openssh-9.0p1
yum install zlib* -y
yum install -y libcry*
yum install -y openssl-devel
yum -y install pam-devel
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-tcp-wrappers --with-ssl-dir=/usr/local/openssl --with-zlib=/usr/local/lib64 --without-hardening
make
# 如果安装过程中报错执行:
chmod 600 /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_k
# 备份文件
mv /etc/ssh/ssh_config /etc/ssh/ssh_config.old
mv /etc/ssh/sshd_config /etc/ssh/sshd_config.old
mv /etc/ssh/moduli /etc/ssh/moduli.old
make install
# 对比之前的配置修改 端口什么别忘了
diff /etc/ssh/sshd_config /etc/ssh/sshd_config.old
# 复制到系统服务目录
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
# 检查启动ssh服务的文件是否有可执行权限
ll /etc/init.d/sshd
# 设置开机启动
chkconfig --add sshd
systemctl enable sshd
/usr/lib/systemd/systemd-sysv-install enable sshd
systemctl enable sshd
# 移走之前的服务
mv /usr/lib/systemd/system/sshd.service ./sshd.service.old
# 重启
/etc/init.d/sshd restart
netstat -lntup
ssh -V
赞(0) 打赏
未经允许不得转载:笨笨天地 » 升级CentOS自带的OpenSSH到openssh-9.0p1
分享到: 更多 (0)

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

微信扫一扫打赏