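Linux OpenSSH upgrade script

I recommend trying this in a virtual machine before running it in production.

This script can upgrade from 7.4 to 9.3p1; I have verified this myself.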

#!/bin/bash

echo backup sshd_config to /etc/ssh/sshd_config.bak 

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

echo backup sshd to /etc/pam.d/sshd.bak

cp /etc/pam.d/sshd /etc/pam.d/sshd.bak

# Abort if the RPM bundle is not in the current directory
if [ ! -f openssh.zip ]; then
    echo "not found openssh.zip"
    exit 1
fi

echo unzip package...

unzip openssh.zip

cd openssh || exit 1

echo installing openssh...

rpm -Uvh *.rpm

# sshd refuses to load private host keys that are readable by group or others
chmod 600 /etc/ssh/ssh_host_rsa_key

chmod 600 /etc/ssh/ssh_host_ecdsa_key

chmod 600 /etc/ssh/ssh_host_ed25519_key

echo backup now sshd_config....

mv /etc/ssh/sshd_config /etc/ssh/sshd_config.bak1

echo recover sshd_config....

mv /etc/ssh/sshd_config.bak /etc/ssh/sshd_config

echo modify sshd

cat > /etc/pam.d/sshd <<EOF
 #%PAM-1.0
 auth       required     pam_sepermit.so
 auth       include      password-auth
 account    required     pam_nologin.so
 account    include      password-auth
 password   include      password-auth
 # pam_selinux.so close should be the first session rule
 session    required     pam_selinux.so close
 session    required     pam_loginuid.so
 # pam_selinux.so open should only be followed by sessions to be executed in the user context
 session    required     pam_selinux.so open env_params
 session    optional     pam_keyinit.so force revoke
 session    include      password-auth
EOF

echo modify sshd_config...

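# Explicitly allow root login and password authentication
# (sed only matches the commented-out "yes" lines in the restored config)
sed -i -e "s/#PermitRootLogin yes/PermitRootLogin yes/g" /etc/ssh/sshd_config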
sed -i -e "s/#PasswordAuthentication yes/PasswordAuthentication yes/g" /etc/ssh/sshd_config

systemctl restart sshd

echo upgrade complete!

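Put openssh.zip and this script in the same directory, then run ./openssh.sh. Contact me if you need openssh.zip.

Strongly recommended: enable telnet before upgrading OpenSSH, so that you are not left without remote access if the upgrade fails.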
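
The script above restarts sshd without first checking that the restored 7.4-era sshd_config is accepted by the newly installed binary. As an added example (not part of the original script), the function below validates a candidate config with `sshd -t -f`, installs it only if it passes, and restores the previous file if the restart fails; `SSHD_BIN`, `restart_sshd`, `apply_sshd_config` and the `.pre-upgrade` suffix are names assumed for illustration.

```bash
#!/bin/bash
# Added example (not from the original script): validate the config with the
# newly installed sshd before restarting, and roll back if the restart fails.
# Assumptions: SSHD_BIN path, the ".pre-upgrade" suffix, the helper names.
SSHD_BIN="${SSHD_BIN:-/usr/sbin/sshd}"

# Restart hook, kept separate so it can be swapped for another init system.
restart_sshd() { systemctl restart sshd; }

# apply_sshd_config CANDIDATE LIVE
#   0  candidate installed and sshd restarted
#   1  candidate rejected by "sshd -t"; LIVE untouched, no restart attempted
#   2  missing file or copy failure
#   3  restart failed; previous LIVE restored and restart retried
apply_sshd_config() {
    local candidate="$1" live="$2" saved="$2.pre-upgrade"
    [ -f "$candidate" ] && [ -f "$live" ] || return 2

    # -t: test mode, checks the config file and host keys, then exits
    # -f: read this file instead of the default sshd_config
    "$SSHD_BIN" -t -f "$candidate" || return 1

    cp -p "$live" "$saved" || return 2
    cp -p "$candidate" "$live" || return 2

    if ! restart_sshd; then
        cp -p "$saved" "$live"
        restart_sshd    # best effort: bring the previous config back up
        return 3
    fi
    return 0
}
```

In the upgrade script this would replace the final `systemctl restart sshd`, for example `apply_sshd_config /etc/ssh/sshd_config.new /etc/ssh/sshd_config`, where `sshd_config.new` is a hypothetical file holding the edited config.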

posted @ 2023-08-23 09:35  我是刹那、