#0.Set Path
SOFT_ZLIB=zlib-1.2.11
SOFT_OPENSSL=openssl-1.0.2p
SOFT_OPENSSH=openssh-7.9p1
DATE_TIME=`date +'%Y%m%d'`
#backup
mkdir /root/ssh_bak${DATE_TIME}/
#install rpm packages
#yum -y install gcc* make perl pam pam-devel
#1.uncompress zlib
cd /usr/local/src
tar -zxvf ${SOFT_ZLIB}.tar.gz
cd ${SOFT_ZLIB}
#isntall zlib
./configure --prefix=/usr --shared
make
make install
#5. intatll openssl
cd /usr/local/src
tar -zxvf ${SOFT_OPENSSL}.tar.gz
cd ${SOFT_OPENSSL}
./config -fPIC threads shared zlib
make
make test
make install
mkdir -p /root/ssh_bak${DATE_TIME}/include
mv /usr/bin/openssl /root/ssh_bak${DATE_TIME}/
\mv /usr/include/openssl /root/ssh_bak${DATE_TIME}/include
#//if not exists ,ignore
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/ssl/include/openssl /usr/include/openssl
#//if not exists ,ignore
#2.
chmod 755 /usr/local/ssl
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
/sbin/ldconfig -v
#show version
openssl version -a
#3.backup scripts
\cp /etc/init.d/sshd /root/ssh_bak${DATE_TIME}/
#4.uninstall openssh
rpm -qa |grep openssh |sort
#uninstall openssh
rpm -e --nodeps `rpm -qa |grep openssh`
#install openssl
#1.backup
mv /etc/ssh /root/ssh_bak${DATE_TIME}/
cd /usr/local/src
tar -zxvf ${SOFT_OPENSSH}.tar.gz
cd ${SOFT_OPENSSH}
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-zlib --with-ssl-dir=/usr/local/ssl \
--with-md5-passwords --mandir=/usr/share/man --with-pam
make
make install
#2.start sshd
cp -p contrib/redhat/sshd.init /etc/init.d/sshd
chmod +x /etc/init.d/sshd
chkconfig --add sshd
chkconfig sshd on
\cp sshd_config /etc/ssh/sshd_config
\cp sshd /usr/sbin/sshd
\cp ssh-keygen /usr/bin/ssh-keygen
#3.ssh port
#vi /etc/ssh/sshd_config
sed -i '/#Port/s/22/22/' /etc/ssh/sshd_config
sed -i '/#Port/s/#//' /etc/ssh/sshd_config
#(2)PermitRootLogin
#PermitRootLogin
#before Modify: #PermitRootLogin without-password
#alter Modify : PermitRootLogin yes
sed -i '/#PermitRootLogin/s/#//' /etc/ssh/sshd_config
sed -i '/PermitRootLogin/s/prohibit-password/yes/' /etc/ssh/sshd_config
#(3)touch ssh_host_key.pub
touch /etc/ssh/ssh_host_key.pub
#restart sshd
nohup service sshd restart &
#4.Try
ssh -V
#OpenSSH_7.5p1, OpenSSL 1.0.2o 27 Mar 2018
rpm -qa |grep openssh
ln -s /usr/local/bin/ssh /usr/bin/ssh
这是upgrade脚本设置,将所需要的安装包放到/usr/local/src
然后 ./upgrade.sh 即可,我这里没有安装telnet服务 ,
安装成功后,vi /etc/ssh/sshd_config
修改 PubkeyAuthentication yes