OpenSSH升級(從OpenSSH_7.4p1升級到OpenSSH_8.4p1)
[root@ecs-e1d6-0001 ~]
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
wget -c https://ftp.openssl.org/source/openssl-1.1.1h.tar.gz
wget -c https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.4p1.tar.gz
yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel
yum install -y pam* zlib*
mv /usr/bin/openssl /usr/bin/openssl_bak
mv /usr/include/openssl /usr/include/openssl_bak
tar xfz openssl-1.1.1h.tar.gz
cd openssl-1.1.1h
./config shared
make -j4
make install
ln -s /usr/local/include/openssl /usr/include/openssl
ln -s /usr/local/bin/openssl /usr/bin/openssl
ll /usr/include/openssl -ld
echo "/usr/local/lib">>/etc/ld.so.conf
/sbin/ldconfig
cd ..
tar xf openssh-8.4p1.tar.gz
cd openssh-8.4p1
./configure --prefix=/usr/ --sysconfdir=/etc/ssh --with-openssl-includes=/usr/local/include --with-ssl-dir=/usr/local/ --with-zlib --with-md5-passwords --with-pam
make -j4
make install
grep -E "^PermitRootLogin|^UseDNS" /etc/ssh/sshd_config
echo -e "\nKexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1" >> /etc/ssh/sshd_config
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
chmod +x /etc/init.d/sshd
chkconfig --add sshd
systemctl enable sshd
mv /usr/lib/systemd/system/sshd.service /app/sshd.service
chkconfig sshd on
/etc/init.d/sshd restart
[root@virgo ~]
OpenSSH_8.4p1, OpenSSL 1.1.1h 22 Sep 2020
本作品採用《CC 協議》,轉載必須註明作者和本文連結
:kissing_closed_eyes:
我愛小硯 乀(ˉεˉ乀)