centos7升级openssh

注意： openssl版本(openssl版本要大于1.0.1，zlib版本要大于1.1.4)

一、安装依赖包

yum -y install gcc make perl               #                   zlib zlib-devel 
yum install -y  gcc openssl-devel pam-devel rpm-build

yum install   telnet-server telnet xinetd -y

二、安装telnet服务非常重要

systemctl enable xinetd.service
systemctl enable telnet.socket

systemctl start telnet.socket
systemctl start xinetd

三、下载openssh 我是openssh-8.0p1

wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz　　

四、关闭防火墙、selinx

#不关可能会导致ssh连不上
临时关闭：setenforce 0
永久关闭：sed -i 's/enforcing/disabled/g' /etc/sysconfig/selinux

五、升级openssh

mv /etc/ssh /etc/ssh.old

tar xf openssh-8.0p1.tar.gz
cd openssh-8.0p1

卸载
rpm -qa |grep  openssh

openssh-clients-7.4p1-16.el7.x86_64
openssh-7.4p1-16.el7.x86_64
openssh-server-7.4p1-16.el7.x86_64
cp -r /etc/ssh /etc/ssh.old


 for i in $(rpm -qa |grep openssh);do rpm -e $i --nodeps;done

 
 
cd openssh-8.0p1

 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords--with-pam --with-tcp-wrappers  --with-ssl-dir=/usr/local/ssl --without-hardening

 
 make && make install
 
cp contrib/redhat/sshd.init /etc/init.d/sshd
chkconfig --add sshd
chkconfig sshd on
chkconfig --list|grep sshd
sed -i "32a PermitRootLogin yes" /etc/ssh/sshd_config
systemctl restart sshd

升级完成查看版本