背景:是openssh7.9,会被漏洞扫描到提示高危
注意多连几个,top下防止中断,另外xshell5连9.5会报找不到host key,本文不解决该问题
下载openssh-9.5p1.tar.gz 上传至服务器
https://mirrors.aliyun.com/pub/OpenBSD/OpenSSH/portable/openssh-9.5p1.tar.gz
卸载7.9版本(貌似可以不操作这一步)
apt remove openssh-server openssh-client
unmask掉ssh
systemctl unmask ssh
安装依赖
apt install zlib1g-dev libpam0g-dev libssl-dev
解压安装
cd openssh-9.5p1/
./configure --prefix=/usr/local/ssh --sysconfdir=/etc/ssh --with-pam --with-zlib --with-ssl-dir=/usr/lib/ssl
make && make instal
复制一堆文件
cp ./ssh_config /etc/ssh/ssh_config
cp ./sshd_config /etc/ssh/sshd_config
cp -r /usr/local/ssh/bin/* /usr/bin/
cp -r /usr/local/ssh/sbin/* /usr/sbin/
允许root登录
echo "PermitRootLogin yes" >>/etc/ssh/sshd_config
重启服务,检查状态
systemctl restart ssh
systemctl restart sshd
systemctl status ssh
systemctl status sshd
ssh -V
sshd -V
需要开机自启的话,只执行即可
systemctl enable ssh