因为升级openssh避免无法连接shell
需要配置telnet 我这里使用rpm安装
# 需要先检查一下机器是否安装了telnet 有的话需要卸载
$ rpm -qa | grep telnet
telnet-0.17-76.ky10.aarch64
$ rpm -evh telnet-0.17-76.ky10.aarch64
# 接下来顺序安装
kylin v10下载 先把这三个包上传服务器接着按照下面顺序安装
$ rpm -ivh xinetd-2.3.15-24.el8.aarch64.rpm
$ rpm -ivh telnet-server-0.17-76.el8.aarch64.rpm
$ rpm -ivh telnet-0.17-76.el8.aarch64.rpm
# 添加终端允许、不然远程会被拦截
$ for i in {1..8}; do echo "pts/$i" >> /etc/securetty; done
$ cat /etc/securetty
# 重启服务
$ systemctl restart xinetd && systemctl enable xinetd
$ systemctl restart telnet.socket && systemctl enable telnet.socket
# 检查是否重启
$ netstat -anpt | grep 23
# 接着就可以连接其他服务器了
$ telnet 172.x.x.x 23
$ tar -zxvf openssl-3.0.11.tar.gz
$ cd openssl-3.0.11.tar.gz
$ ./config --prefix=/usr/local/openssl
$ ./config -t
$ make && make install
$ cd /usr/local/openssl/bin
$ ldd openssl
linux-vdso.so.1 => (0x00007ffe44d8c000)
libssl.so.3 => not found
libcrypto.so.3 => not found
libdl.so.2 => /lib64/libdl.so.2 (0x00007ffbad08e000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007ffbace72000)
libc.so.6 => /lib64/libc.so.6 (0x00007ffbacaa4000)
/lib64/ld-linux-x86-64.so.2 (0x00007ffbad292000)
注意 not found 的两行,意思是 libssl.so.3 和 libcrypto.so.3 找不到所依赖的库文件,需要手动去连接库文件,执行如下指令:
ln -s /usr/local/openssl/lib/libssl.so.3 /usr/lib64/libssl.so.3
ln -s /usr/local/openssl/lib/libcrypto.so.3 /usr/lib64/libcrypto.so.3
sudo vim /etc/profile
#在文件的末尾添加
export OPENSSL_PATH=/usr/local/openssl/bin
export PATH=$OPENSSL_PATH:$PATH:$HOME/bin
#保存并退出文件
source /etc/profile
# openssh
3.1.4 备份openssh配置
$ cp -r /etc/ssh/ /etc/ssh_old/
3.2 升级操作
3.2.4 编译安装
编译配置
export CPPFLAGS="-I/usr/local/openssl/include"
export PKG_CONFIG_PATH=/usr/local/openssl/lib/pkgconfig
export LD_LIBRARY_PATH=/usr/local/openssl/lib:$LD_LIBRARY_PATH
./configure --sysconfdir=/etc/ssh --with-md5-passwords --with-ssl=/usr/local/openssl --with-pam LDFLAGS="-L/usr/local/openssl/lib"
配置文件迁移
cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
编译安装
make && make install
3.2.5配置
配置文件修改
sed -i "s/SSHD=\/usr\/sbin\/sshd/SSHD=\/usr\/local\/sbin\/sshd/g" /etc/init.d/sshd
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
设置开机启动项
chmod +x /etc/init.d/sshd
chkconfig --add sshd
chkconfig sshd on
systemctl daemon-reload
systemctl restart sshd