#!/bin/bash
#升级openssh版本
#判断系统用户使用脚本
if [ $(whoami) != "root" ]
then
echo -e "\033[31mWarning : Can not use the current user operating! \033[0m"
echo -e "\033[31mWarning : Please use the \033[0m \033[32m root \033[0m \033[31muser! \033[0m"
exit 1
fi;
#判断系统版本是否为x86_64
platform=$(uname -i)
if [ $platform != "x86_64" ];
then
echo -e "\033[31m this script is only for 64bit Operating System ! \033[0m"
exit 1
fi;
echo -e "\033[32m the platform is ok \033[0m"
cat << EOF
+---------------------------------------+
| your system is CentOS x86_64 |
| start optimizing....... |
+---------------------------------------+
EOF
function centos6()
{
yum install telnet-server -y
sed '12d' /etc/xinetd.d/telnet
sed '11a disable = no' /etc/xinetd.d/telnet
service xinetd restart
yum install gcc -y
yum install openssl-devel -y
yum install wget -y
#project_path=$(cd `dirname $0`; pwd)
mkdir -p /opt/ssh_update
cd /opt/ssh_update/
wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.5p1.tar.gz
#tar -zxvf $project_path/openssh-7.5p1.tar.gz
tar -zxvf /opt/ssh_update/openssh-7.5p1.tar.gz
cd /opt/ssh_update/openssh-7.5p1/
./configure
make && make install
cp /etc/init.d/sshd /etc/init.d/sshd_$(date +"%Y%m%d_%H%M%S")
sed -i 's#SSHD=/usr/sbin/sshd#SSHD=/usr/local/sbin/sshd#' /etc/init.d/sshd
echo -e "PermitRootLogin yes\nPasswordAuthentication yes" >> /usr/local/etc/sshd_config
mv /usr/bin/ssh /usr/bin/ssh_$(date +"%Y%m%d_%H%M%S")
mv /usr/local/bin/ssh /usr/bin/ssh
/etc/init.d/sshd restart
#/usr/local/sbin/sshd -t -f /usr/local/etc/sshd_config
}
function centos7()
{
yum install -y telnet-server
yum install -y xinetd
systemctl enable xinetd.service
systemctl enable telnet.socket
systemctl start telnet.socket
echo -e "pts/0\npts/1" >> /etc/securetty
systemctl start xinetd
firewall-cmd --zone=public --add-port=23/tcp --permanent
firewall-cmd --reload
yum -y install pam-devel.x86_64 zlib-devel.x86_64
yum install gcc -y
yum install openssl-devel -y
yum install wget -y
mv /etc/ssh/ /etc/ssh_$(date +"%Y%m%d_%H%M%S")
mkdir -p /opt/ssh_update
cd /opt/ssh_update/
wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.5p1.tar.gz
tar -zxvf openssh-7.5p1.tar.gz
cd /opt/ssh_update/openssh-7.5p1
./configure --prefix=/usr --sysconfdir=/etc/ssh
make
rpm -e --nodeps `rpm -qa | grep openssh`
make install
cp contrib/redhat/sshd.init /etc/init.d/sshd
chkconfig --add sshd
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
service sshd restart
}
#注意:centos7系统ssh服务升级完后运行此函数,关闭telnet服务
function stop_xinetd()
{
centos=$(rpm -q centos-release|cut -d- -f3)
if [ $centos -eq 6 ];
then
sed '12d' /etc/xinetd.d/telnet
sed '11a disable = yes' /etc/xinetd.d/telnet
service xinetd restart
else
systemctl disable xinetd.service
systemctl disable telnet.socket
systemctl stop telnet.socket
systemctl stop xinetd
firewall-cmd --zone=public --remove-port=23/tcp --permanent
firewall-cmd --reload
fi;
}
if [ "$1" = "stop_xinetd" ]; then
stop_xinetd;
fi;
if [ "$1" = "update" ]; then
centos=$(rpm -q centos-release|cut -d- -f3)
if [ $centos -eq 6 ];
then
centos6;
else
centos7;
fi;
fi;
