Edehuag

导航

openSSH升级

升级前准备:(准备Telnet连接方式防止SSh中断无法连接服务)

1、安装telnet xinetd
yum -y install telnet* xinetd*

2、用vi工具打开securetty 
vi /etc/securetty | grep pts

3、将下列数据粘贴到最后面
pts/1
pts/2
pts/3
pts/4
pts/5
4、启动telnet
systemctl start telnet.socket
systemctl status telnet.socket

5、测试连接作为网络中断后的第二连接方式(非常重要)
S:\cmder
λ telnet 192.168.7.177Kernel 3.10.0-1127.el7.x86_64 on an x86_64

开始升级

查看版本信息
ssh -V
安装编译相关资源
yum install wget tar make gcc openssl-devel zlib-devel
查看sshrpm安装情况
rpm -qa | grep ssh
将原有ssh备份 因为后面要remove所以不能cope
mv /etc/ssh /etc/ssh.bak
删除原本ssh
yum remove openssh-7.4p1
查看删除结果
rpm -qa | grep ssh
下载openSSh
wget https://mirrors.sonic.net/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz
解压压缩包
tar xzf openssh-9.0p1.tar.gz

编译

预编译生成make文件为了后面的编译
./configure --sysconfdir=/etc/ssh
编译
make 
安装
make install

相关文件参数调整

复制生成ssh服务文件
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
复制生成ssh-keygen到/usr/bin下
cp -a /usr/local/bin/ssh-keygen /usr/bin/ssh-keygen
查看安装结果
ll /usr/local/sbin/sshd
-rwxr-xr-x 1 root root 904160 Nov 4 10:32 /usr/local/sbin/sshd  //说明正常
查看和主程序位置
cat /etc/init.d/sshd | grep SSHD=
用vi打开 /etc/init.d/sshd 并修改SSHD如下
SSHD=/usr/local/sbin/sshd
设置开机自动启动
chkconfig --add sshd
chkconfig sshd on
systemctl daemon-reload
systemctl restart sshd
systemctl status sshd
设置root可以远程登录
cat /etc/ssh/sshd_config | grep PermitRootLogin

systemctl restart sshd
systemctl status sshd

停用telnet

telnet是明文传输该地方使用只是为了ssh升级过程中担心异常导致的无法登录

systemctl status telnet.socket
systemctl stop telnet.socket
systemctl status telnet.socket

posted on 2024-09-30 13:59  饿得慌~  阅读(122)  评论(0编辑  收藏  举报