centos7升级openssh
注意: openssl版本(openssl版本要大于1.0.1,zlib版本要大于1.1.4)
一、安装依赖包
yum -y install gcc make perl # zlib zlib-devel yum install -y gcc openssl-devel pam-devel rpm-build yum install telnet-server telnet xinetd -y
二、安装telnet服务非常重要
systemctl enable xinetd.service systemctl enable telnet.socket systemctl start telnet.socket systemctl start xinetd
三、下载openssh 我是openssh-8.0p1
wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz
四、关闭防火墙、selinx
#不关可能会导致ssh连不上 临时关闭:setenforce 0 永久关闭:sed -i 's/enforcing/disabled/g' /etc/sysconfig/selinux
五、升级openssh
mv /etc/ssh /etc/ssh.old tar xf openssh-8.0p1.tar.gz cd openssh-8.0p1 卸载 rpm -qa |grep openssh openssh-clients-7.4p1-16.el7.x86_64 openssh-7.4p1-16.el7.x86_64 openssh-server-7.4p1-16.el7.x86_64 cp -r /etc/ssh /etc/ssh.old for i in $(rpm -qa |grep openssh);do rpm -e $i --nodeps;done cd openssh-8.0p1 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords--with-pam --with-tcp-wrappers --with-ssl-dir=/usr/local/ssl --without-hardening make && make install cp contrib/redhat/sshd.init /etc/init.d/sshd chkconfig --add sshd chkconfig sshd on chkconfig --list|grep sshd sed -i "32a PermitRootLogin yes" /etc/ssh/sshd_config systemctl restart sshd
升级完成查看版本