CentOS 6 升级openssh

最新推荐文章于 2025-05-28 11:46:47 发布

BlueBirdssh

最新推荐文章于 2025-05-28 11:46:47 发布

阅读量874

点赞数

CC 4.0 BY-SA版权

分类专栏：工具后端

本文链接：https://blog.youkuaiyun.com/BlueBirdssh/article/details/89562894

工具同时被 2 个专栏收录

48 篇文章

订阅专栏

后端

39 篇文章

订阅专栏

一、先安装telnet

先测试是否能连接 telnet.

二、升级openssh

完整版安装指南： http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/INSTALL

1.查看当前版本，安装包

ssh –V

检测之前安装的包（openssl和openssh同时更新）

rpm -qa | grep openssl  
rpm -qa | grep openssh

2.卸载旧的 ssh

#cp -r /etc/ssh /etc/ssh.old #备份一些之前的文件
#rpm -qa|grep openssh
#rpm -e --nodeps openssh-clients-6.6.1p1-31.el7.x86_64
#rpm -e --nodeps openssh-6.6.1p1-31.el7.x86_64
#rpm -e --nodeps openssh-server-6.6.1p1-31.el7.x86_64
#rpm -qa|grep openssh

如果之前就是源码安装的，找到之前的安装包，在里面执行

#make clean
#make uninstall

3.安装依赖库

#yum install gcc gcc-c++ zlib zlib-devel openssl openssl-devel pam-devel -y

4.编译

/configure --prefix=/usr --sysconfdir=/etc/ssh --with-ssl --with-zlib --with-md5-passwords --with-pam
./configure --prefix=/home/openssh/sshbin --sysconfdir=/home/openssh/sshconfig --with-ssl --with-zlib --with-md5-passwords --with-pam

--prefix 放执行文件
--sysconfdir 放配置文件


2. Building / Installation
--------------------------

To install OpenSSH with default options:

./configure
make
make install

This will install the OpenSSH binaries in /usr/local/bin, configuration files
in /usr/local/etc, the server in /usr/local/sbin, etc. To specify a different
installation prefix, use the --prefix option to configure:

./configure --prefix=/opt
make
make install

Will install OpenSSH in /opt/{bin,etc,lib,sbin}. You can also override
specific paths, for example:

./configure --prefix=/opt --sysconfdir=/etc/ssh
make
make install

This will install the binaries in /opt/{bin,lib,sbin}, but will place the
configuration files in /etc/ssh.

If you are using Privilege Separation (which is enabled by default)
then you will also need to create the user, group and directory used by
sshd for privilege separation.  See README.privsep for details.

make

make install

5.默认是22端口，开启root用户远程登录

此步骤不是必须。建议是关闭该选项，开启会有安全隐患。
vi /etc/ssh/sshd_config
PermitRootLogin yes

如果是二进制安装， sshd_config 可能在 --sysconfdir 所定义的目录中，修改这个才有效。

6.拷贝配置文件
cp -a /etc/ssh /etc/ssh_bak
cp ssh_config /etc/ssh/
cp sshd_config /etc/ssh/
cp moduli /etc/ssh/
cp contrib/redhat/sshd.init /etc/init.d/sshd

chmod a+x /etc/init.d/sshd

7.开启SSH服务,千万不能restart。使用restart会造成连不上，需要登录控制台启动。
service sshd start
/etc/init.d/sshd start

查看版本

8.开启开机启动

chkconfig sshd on

看版本

ssh -V