linux 升级 openssh9.2

1.上传openssh-9.2p1.tar.gz压缩包到/home目录底下

链接：https://pan.baidu.com/s/1S4uHc-An4FB6M5mWaVOHRQ 
提取码：wxv4

2.备份旧版ssh文件

mv /usr/sbin/sshd /usr/sbin/sshd.bak

mv /usr/bin/ssh /usr/bin/ssh.bak

3.安装依赖包

yum -y install zlib-devel openssl-devel gcc

4.解压编译安装

tar zvxf openssh-9.2p1.tar.gz
cd openssh-9.2p1
./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh
make && make install

5.备份秘钥文件 

cp -rf /usr/local/openssh/etc /usr/local/openssh/etc.bak

6.替换为旧版ssh秘钥

cp -rf /etc/ssh/ssh_host_*  /usr/local/openssh/etc

7.修改配置文件

cp /home/openssh-9.2p1/sshd_config /etc/ssh/sshd_config

vi /etc/ssh/sshd_config

#PermitRootLogin prohibit-password 改为 PermitRootLogin yes
最后一行加上以下配置
KexAlgorithms -diffie-hellman-group1-sha1,diffie-hellman-group1-sha256,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group15-sha256,diffie-hellman-group15-sha512,diffie-hellman-group16-sha256,diffie-hellman-group16-sha512,diffie-hellman-group17-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha512

8.创建软链接

ln -sf /usr/local/openssh/sbin/sshd /usr/sbin/
ln -sf /usr/local/openssh/bin/ssh /usr/bin/

9.更换sshd.service文件

从源码包复制sshd启动脚本到原先的地方
cp /home/openssh-9.2p1/contrib/redhat/sshd.init /etc/init.d/sshd
修改权限
chmod 755 /etc/init.d/sshd

10.添加开机启动

chkconfig --add sshd
chkconfig sshd on

11.重启服务

systemctl restart sshd