编译升级openssl和openssh版本脚步 

#!/bin/bash

build_dir=/data/project_build
openssl_download=https://www.openssl.org/source/openssl-1.1.1m.tar.gz
openssh_download=https://mirrors.aliyun.com/pub/OpenBSD/OpenSSH/portable/openssh-8.8p1.tar.gz
[ -d $build_dir ]|| mkdir -p $build_dir

yum install zlib-devel wget openssl-devel pam-devel gcc make perl zlib zlib-devel pam pam-devel -y

#下载编译包
cd  $build_dir
wget $openssh_download
wget $openssl_download --no-check-certificate

tar xf openssl*.tar.gz
cd openssl*
openssl_version=`pwd|awk -F'/' '{print $NF}'`
./config --prefix=/usr/local/${openssl_version}
make && make install
ln -s /usr/local/${openssl_version} /usr/local/openssl
mv /usr/bin/openssl /usr/bin/openssl_old
#mv  /usr/include/openssl.old
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
ln -s /usr/local/openssl/lib/libssl.so.1.1 /usr/lib64/libssl.so.1.1
ln -s /usr/local/openssl/lib/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1

openssl version

##openssh

cd  $build_dir

#备份
mkdir /etc/ssh_old
mv /etc/ssh/* /etc/ssh_old/
cp -r /etc/sysconfig/sshd /etc/sysconfig/sshd.bak


###停止ssh服务,并卸载原有的openssh###
systemctl stop sshd
systemctl is-active sshd
#rpm -e --nodeps `rpm -qa | grep openssh`
yum -y remove openssh-clients openssh openssh-server


#编译安装
tar xf openssh*.tar.gz
cd openssh*
openssh_version=`pwd|awk -F'/' '{print $NF}'`

./configure --prefix=/usr/local/${openssh_version} --sysconfdir=/etc/ssh    --with-zlib  --with-ssl-dir=/usr/local/openssl   --with-md5-passwords   --with-pam   --with-ssl-engine  

make && make install

ln -s /usr/local/${openssh_version} /usr/local/openssh

#修改配置等
cp ${build_dir}/${openssh_version}/contrib/redhat/sshd.init /etc/init.d/sshd
chmod u+x /etc/init.d/sshd
sed -i 's/Subsystem/#Subsystem/g' /etc/ssh/sshd_config
echo 'Subsystem sftp /usr/local/openssh/libexec/sftp-server'>> /etc/ssh/sshd_config
sed -i 's/#PasswordAuthentication\ yes/PasswordAuthentication\ yes/g' /etc/ssh/sshd_config
echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config


#创建软连接
ln -s /usr/local/openssh/sbin/sshd /sbin/sshd
ln -s /usr/local/openssh/bin/ssh /usr/bin/ssh
ln -s /usr/local/openssh/bin/ssh-add /usr/bin/ssh-add
ln -s /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
ln -s /usr/local/openssh/bin/ssh-keyscan /usr/bin/ssh-keyscan
ln -s  /usr/local/openssh/bin/scp    /usr/bin/scp

ssh -V

chkconfig sshd on
systemctl restart sshd

 

posted @ 2022-01-14 10:03  巽逸  阅读(129)  评论(0编辑  收藏  举报