1.解压缩包
tar -zxvf openssl-fips-2.0.13.tar.gz -C /usr/local/src/openssl-fips-2.0.13
tar -zxvf openssl-1.0.2h.tar.gz -C /usr/local/src/openssl-1.0.2h
tar -zxvf openssh-7.3p1.tar.gz -C /usr/local/src/openssh-7.3p1
2.备份原文件
mv /usr/bin/openssl /usr/bin/openssl.bak.20161213
mv /usr/bin/ssh /usr/bin/ssh.bak.20161213
mv /usr/sbin/sshd /usr/sbin/sshd.bak.20161213
mv /usr/bin/ssh /usr/bin/ssh.bak.20161213
mv /usr/sbin/sshd /usr/sbin/sshd.bak.20161213
mv /etc/ssh/sshd_config /etc/ssh/sshd_config.bak.20161213
3.安装依赖包
yum install -y gcc* pam*
4.安装openssl-fips
cd /usr/local/src/openssl-fips-2.0.13
./config --prefix=/usr/local/openssl-fips
make && make install
./config --prefix=/usr/local/openssl-fips
make && make install
5.安装openssl
cd /usr/local/src/openssl-1.0.2h
./config fips --prefix=/usr/local/openssl-1.0.2h --with-fipsdir=/usr/local/openssl-fips
make && make install
cp /usr/local/openssl-1.0.2h/bin/openssl /usr/bin/
./config fips --prefix=/usr/local/openssl-1.0.2h --with-fipsdir=/usr/local/openssl-fips
make && make install
cp /usr/local/openssl-1.0.2h/bin/openssl /usr/bin/
openssl version
6.安装openssh
cd /usr/local/src/openssh-7.3p1
./configure --prefix=/usr/local/openssh-7.3.1 --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-tcp-wrappers --with-ssl-dir=/usr/local/openssl-1.0.2h --without-hardening --without-zlib-version-check
./configure --prefix=/usr/local/openssh-7.3.1 --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-tcp-wrappers --with-ssl-dir=/usr/local/openssl-1.0.2h --without-hardening --without-zlib-version-check
make && make install
cp /usr/local/openssh-7.3p1/bin/ssh /usr/bin/
cp /usr/local/openssh-7.3p1/sbin/sshd /usr/sbin/
cp /usr/local/openssh-7.3p1/sbin/sshd /usr/sbin/
ssh -V
service sshd restart
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/8551823/viewspace-2130889/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/8551823/viewspace-2130889/