参草文档:
https://www.cnblogs.com/wholj/p/10944407.html
https://www.cnblogs.com/xiaochina/p/7486073.html
https://zhidao.baidu.com/question/1884039839022543348.html
**https://www.cnblogs.com/xiaochina/p/7485359.html**
查看相关版本信息:
openssl version -a
openssh -V
编译sshd------参考wanglei_centos7.0定制过程.txt
版本:openssh6.6p1
1.http://mirrors.evowise.com/pub/OpenBSD/OpenSSH/portable/
2.https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/
3../configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-pam(d) --with-md5-passwords \
--with-ssl-engine --with-tcp-wrappers=/usr/lib64/libwrap.so(d) --with-kerberos5=/usr/lib64/libkrb5.so \
--bindir=/usr/local/openssh/bin --sbindir=/usr/local/openssh/sbin
真实编译过程测试:
测试环境: centos7.6
1.获取openssh的版本:
https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/
2.编译:
./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh2 --with-ssl-dir=/usr/lib64/openssl/ --with-zlib
(ubuntu安装libssl-dev ; redhat安装openssl-devel 否则会报错)
yum install openssl-devel
3.安装:
make -j4 && make install
备份OpenSSH 旧配置文件#
mv /etc/init.d/sshd /etc/init.d/sshd.bak
4.修改ssh启动脚本
vim /root/openssh-7.4p1\contrib\redhat\sshd.init
sshd就是根据sshd,init修改的针对redhat发行版本
根据实际情况修正的sshd脚本 /etc/init.d/sshd
(没有的话:/root/openssh-7.4p1\contrib\redhat\sshd.init )
代码修改:
#!/bin/bash
#
# Init file for OpenSSH server daemon
#
# chkconfig: 2345 55 25
# description: OpenSSH server daemon
#
# processname: sshd
# config: /etc/ssh/ssh_host_key
# config: /etc/ssh/ssh_host_key.pub
# config: /etc/ssh/ssh_random_seed
# config: /etc/ssh/sshd_config
# pidfile: /var/run/sshd.pid
# source function library
. /etc/rc.d/init.d/functions
# pull in sysconfig settings
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
RETVAL=0
prog="sshd"
# Some functions to make the below more readable
SSHD=/usr/local/openssh/sbin/sshd #按实际情况调整
PID_FILE=/var/run/sshd.pid
do_restart_sanity_check()
{
$SSHD -t
RETVAL=$?
if [ $RETVAL -ne 0 ]; then
failure $"Configuration file or keys are invalid"
echo
fi
}
start()
{
# Create keys if necessary
/usr/local/openssh/bin/ssh-keygen -A #按实际情况调整
if [ -x /sbin/restorecon ]; then
/sbin/restorecon /etc/ssh2/ssh_host_key.pub
/sbin/restorecon /etc/ssh2/ssh_host_rsa_key.pub
/sbin/restorecon /etc/ssh2/ssh_host_dsa_key.pub
/sbin/restorecon /etc/ssh2/ssh_host_ecdsa_key.pub
fi
echo -n $"Starting $prog:"
$SSHD $OPTIONS && success || failure
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
echo
}
stop()
{
echo -n $"Stopping $prog:"
killproc $SSHD -TERM
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sshd
echo
}
reload()
{
echo -n $"Reloading $prog:"
killproc $SSHD -HUP
RETVAL=$?
echo
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
reload)
reload
;;
condrestart)
if [ -f /var/lock/subsys/sshd ] ; then
do_restart_sanity_check
if [ $RETVAL -eq 0 ] ; then
stop
# avoid race
sleep 3
start
fi
fi
;;
status)
status $SSHD
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}"
RETVAL=1
esac
exit $RETVAL
chmod +x /etc/init.d/sshd
添加允许root远程登录
/etc/ssh2/sshd_config
PermitRootLogin yes
05、设置环境变量#
vim /etc/profile
export PATH=/usr/local/openssh/bin:$PATH
source /etc/profile
6.开机自启动 sshd
service sshd restart
chkconfig sshd on
$$$$$$$$$$$$$$$$$$$$$$$$ 下 面 是 o p e n s s l 下面是openssl 下面是openssl$$$$$$$$$$$$$$$$$$$$$$$$
参草文档:
https://www.cnblogs.com/xiaochina/p/7485359.html
真实编译过程测试:
测试环境: centos7.6
1.下载openssl
https://www.openssl.org/source/
https://github.com/openssl/openssl/releases
https://www.openssl.org/source/openssl-1.0.2l.tar.gz
2.准备工作
yum install perl perl-devel gcc gcc-c++ -y
3.编译安装
mkdir -p /usr/local/openssllll
./config -fPIC --prefix=/usr/local/openssllll enable-shared
make -j4 && make install -j4
注释:
--prefix:指定安装目录
-fPIC:编译openssl的静态库
enable-shared:编译动态库 #在编译openssh需要用道
4.替换文件
mv /usr/bin/openssl /usr/bin/openssl.bak
mv /usr/include/openssl /usr/include/openssl.bak
做软链接
ln -sf /usr/local/openssllll/bin/openssl /usr/bin/openssl
ln -sf /usr/local/openssllll/include/openssl /usr/include/openssl
echo '/usr/local/openssllll/lib' >> /etc/ld.so.conf
加载共享库
ldd /usr/local/openssllll/bin/openssl
ldconfig -v
#版本查看
openssl version -a