此脚本只针对centos7.8,centos7.2略有区别
#!/bin/bash
systemctl stop firewalld.service
setenforce 0
sed -i s#SELINUX=enforcing#SELINUX=disabled# /etc/selinux/config
yum -y install gcc make perl zlib zlib-devel pam pam-devel --nogpgcheck
systemctl stop sshd
cp -r /etc/ssh /etc/ssh.old
rpm -e --nodeps openssh-clients
rpm -e --nodeps openssh
rpm -e --nodeps openssh-server
tar -xzvf zlib-1.2.11.tar.gz && cd zlib-1.2.11
make
make install
echo "/usr/local/zlib/lib " > /etc/ld.so.conf.d/zlib.conf
ldconfig -v
cd /usr/local/src/
tar -xzvf openssl-1.1.1l.tar.gz && cd openssl-1.1.1l
./config --prefix=/usr/local/openssl --shared zlib
make
make install
mv /usr/bin/openssl /usr/bin/openssl.bak
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
ln -s /usr/local/openssl/lib/libssl.so.1.1 /usr/lib64/libssl.so.1.1
ln -s /usr/local/openssl/lib/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1
echo "/usr/local/openssl/lib" > /etc/ld.so.conf.d/ssl.conf
ldconfig -v
cd /usr/local/src/
tar zxvf openssh-8.4p1.tar.gz && cd openssh-8.4p1
./configure --prefix=/usr/local/openssh \
--sysconfdir=/etc/ssh \
--with-pam \
--with-ssl-dir=/usr/local/openssl \
--with-md5-passwords \
--mandir=/usr/share/man \
--with-zlib=/usr/local/zlib \
--without-hardening
make
make install
cp ./contrib/redhat/sshd.init /etc/init.d/sshd
chmod +x /etc/init.d/sshd
ln -s /usr/local/openssh/sbin/sshd /usr/sbin/sshd
ln -s /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
chkconfig --add sshd
chkconfig sshd on
systemctl restart sshd