openssh离线升级到最新版本【openssh8

如果下面telnet文件不存在的话，可以跳过这部分的更改【默认可以使用root登录】

[root@controll ~]# ll /etc/xinetd.d/telnet

ls: cannot access /etc/xinetd.d/telnet: No such file or directory

[root@controll ~]#

• 如果下面文件存在，请更改配置telnet可以root登录，把disable = no改成disable = yes

[root@rhel yum.repos.d]# vim /etc/xinetd.d/telnet

[root@rhel yum.repos.d]# cat /etc/xinetd.d/telnet

default: on

description: The telnet server serves telnet sessions; it uses \

unencrypted username/password pairs for authentication.

service telnet

{

disable = yes

flags = REUSE

socket_type = stream

wait = no

user = root

server = /usr/sbin/in.telnetd

log_on_failure += USERID

}

终端登陆配置

---

配置telnet登录的终端类型，在/etc/securetty文件末尾增加一些pts终端，如下

[root@controll ~]# vim /etc/securetty

[root@controll ~]# tail -n 4 /etc/securetty

pts/0

pts/1

pts/2

pts/3

[root@controll ~]#

服务安装

---

• 安装如下2个服务

[root@controll ~]# yum -y install telnet*

[root@controll ~]# yum -y install xinetd*

• 启动这2个服务

[root@centos76_2 ~]# systemctl enable telnet.socket

Created symlink from /etc/systemd/system/sockets.target.wants/telnet.socket to /usr/lib/systemd/system/telnet.socket.

[root@centos76_2 ~]# systemctl enable xinetd

[root@controll ~]# systemctl start telnet.socket

[root@controll ~]# systemctl start xinetd

[root@controll ~]# systemctl is-active telnet.socket

active

[root@controll ~]# systemctl is-active xinetd

active

[root@controll ~]#

systemctl enable xinetd

systemctl enable telnet.socket

• 查看23端口是否被监听

[root@controll ~]# netstat -ntlp | grep 23

tcp6 0 0 :::23 ::😗 LISTEN 1/systemd

[root@controll ~]#

telnet登录虚拟机

---

• 直接在当前虚拟机输入：telnet ip 回车能登录成功即可【因为没有/etc/xinetd.d/telnet这个文件夹，所以默认是可以用root直接登录的】

[root@controll ~]# telnet 192.168.59.133

Trying 192.168.59.133…

Connected to 192.168.59.133.

Escape character is ‘^]’.

Kernel 3.10.0-957.el7.x86_64 on an x86_64

controll login: root

Password:

Last login: Thu May 20 00:25:35 from ::ffff:192.168.59.133

[root@controll ~]# logout

Connection closed by foreign host.

[root@controll ~]#

• 使用工具的话就是【建议使用xshell连接telnet，如果secureCRT版本过低，会导致连接失败】

新建一个会话，协议选择为Telnet

telnet的端口是23

安装依赖包

====================================================================

• 注：依赖包只需要镜像中的本地源就足矣了；

• 升级需要几个组件，有些是和编译相关的等

[root@controll ~]# yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel

我这安装了20个包，如下

Installed:

autoconf.noarch 0:2.69-11.el7 gcc.x86_64 0:4.8.5-36.el7 gcc-c++.x86_64 0:4.8.5-36.el7 openssl-devel.x86_64 1:1.0.2k-16.el7 pam-devel.x86_64 0:1.1.8-22.el7

pcre-devel.x86_64 0:8.32-17.el7

Dependency Installed:

cpp.x86_64 0:4.8.5-36.el7 glibc-devel.x86_64 0:2.17-260.el7 glibc-headers.x86_64 0:2.17-260.el7 kernel-headers.x86_64 0:3.10.0-957.el7

keyutils-libs-devel.x86_64 0:1.5.8-3.el7 krb5-devel.x86_64 0:1.15.1-34.el7 libcom_err-devel.x86_64 0:1.42.9-13.el7 libkadm5.x86_64 0:1.15.1-34.el7

libselinux-devel.x86_64 0:2.5-14.1.el7 libsepol-devel.x86_64 0:2.5-10.el7 libstdc+±devel.x86_64 0:4.8.5-36.el7 libverto-devel.x86_64 0:0.2.5-4.el7

m4.x86_64 0:1.4.16-10.el7 zlib-devel.x86_64 0:1.2.7-18.el7

Complete!

[root@controll ~]# yum install -y pam* zlib*

我这安装了3个包，如下

Installed:

pam_krb5.x86_64 0:2.4.8-6.el7 pam_pkcs11.x86_64 0:0.6.2-30.el7

Dependency Installed:

pcsc-lite-libs.x86_64 0:1.8.8-8.el7

Complete!

准备open