YUM源配置
本地配置yum源(DVD挂载)
#挂载DVD
mount /dev/cdrom /mnt/cdrom/
#备份原文件:
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
#修改yum文件配置
echo -e "[base]\nname=CentOS-6\nfailovermethod=priority\nbaseurl=file///mnt/cdrom/\ngpgcheck=0" > /etc/yum.repos.d/CentOS-Base.repo
本地配置yum源(ftp)
#搭建FTP服务器
# 建议使用FileZilla Server搭建
#备份原文件:
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
#修改yum文件配置
echo -e "[base]\nname=CentOS-6\nfailovermethod=priority\nbaseurl=ftp://192.168.56.1\ngpgcheck=0" > /etc/yum.repos.d/CentOS-Base.repo
#联网更新yum源
http://mirrors.aliyun.com/centos-vault/6.5/os/x86_64/
#备份原文件:
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
#修改yum文件配置
echo -e "[base]\nname=CentOS-6\nfailovermethod=priority\nbaseurl=http://mirrors.aliyun.com/centos-vault/6.5/os/x86_64/\ngpgcheck=0\nenable=1" > /etc/yum.repos.d/CentOS-Base.repo
#本地配置yum源(http)
#搭建http服务器
python -m SimpleHTTPServer 8080 #python2
python -m http.server 8080 #python3
#备份原文件:
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
#修改yum文件配置
echo -e "[base]\nname=CentOS-6\nfailovermethod=priority\nbaseurl=http://192.168.56.1:8080\ngpgcheck=0" > /etc/yum.repos.d/CentOS-Base.repo
#YUM配置参考资料 :https://www.cnblogs.com/mchina/archive/2013/01/04/2842275.html
#更新仓库
yum clean all
yum update
yum makecache
#安装开发工具
yum install -y gcc gcc-c++ glibc make autoconf pcre-devel pam* zlib*
安装telnet服务
yum install -y telnet-server
#修改telnet服务随xinetd启动
sed -i "s/yes/no/g" /etc/xinetd.d/telnet
#修改配置文件可root登录
sed -i "s/account required/#account required/g" /etc/pam.d/remote
echo -e "pts/1\npts/2\npts/3\npts/4\npts/5\npts/6\npts/7\npts/8\npts/9\npts/10\npts/11" >> /etc/securetty
#放通防火墙规则
iptables -I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
#启用xinetd服务
service xinetd restart
#telnet-server参考文档:https://blog.csdn.net/weixin_34306676/article/details/89938841
#创建工作文件夹
mkdir work && cd work
#下载最新的openssl
wget https://ftp.openssl.org/source/openssl-1.1.1k.tar.gz --no-check-certificate
#下载最新的openssh
wget https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.6p1.tar.gz
#解压文件
tar zxf openssl-1.1.1k.tar.gz && tar zxf openssh-8.6p1.tar.gz
openssl安装
#备份原文件
mv /usr/bin/openssl /usr/bin/openssl.old
mv /usr/lib64/openssl /usr/lib64/openssl.old
#编译并安装
cd /root/work/openssl-1.1.1k
./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl --shared zlib && make && make install
#建立新文件到系统默认目录的软链接
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
ln -s /usr/local/openssl/lib/libssl.so /usr/lib64/libssl.so
#lib库配置加载
ln -s /usr/local/openssl/lib/libssl.so.1.1 /usr/lib64/
ln -s /usr/local/openssl/lib/libcrypto.so.1.1 /usr/lib64/
echo "/usr/local/openssl/lib" >> /etc/ld.so.conf
ldconfig -v
#验证openssl升级成功
openssl version
openssh安装
#移除原ssh系统配置文件
mv /etc/sysconfig/sshd /opt/sysconfig_sshd
mv /usr/sbin/sshd /opt/sshd_bak
#停止sshd服务
/etc/rc.d/init.d/sshd stop
#卸载老的sshd版本
for i in $(rpm -aq | grep openssh); do rpm -e $i --nodeps ; done
#编译并安装
cd /root/work/openssh-8.6p1
./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-md5-passwords --with-pam=enable --with-ssl-dir=/usr/local/openssl --without-hardening --with-zlib=/usr/local/zlib && make && make install
#复制新版本文件到系统默认文件夹
cp -arf /usr/local/openssh/bin/* /usr/bin/
cp /usr/local/openssh/sbin/sshd /usr/sbin/sshd
cp -a /root/work/openssh-8.6p1/contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
cp -a /root/work/openssh-8.6p1/contrib/redhat/sshd.init /etc/init.d/sshd
chmod a+x /etc/init.d/sshd
#允许root远程登陆
sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config
#设置sshd开机自动启动
chkconfig sshd on
chkconfig --list sshd
#重启sshd服务
service sshd restart
#验证ssh升级成功
ssh -V
#关闭telnet服务
sed -i "s/no/yes/g" /etc/xinetd.d/telnet
service xinetd stop
chkconfig xinetd stop
chkconfig --del xinetd
chkconfig --list
附PPT,一键命令行版本文件,所需包集合,请访问以下下载https://download.csdn.net/download/qq_37061517/19649054
#参考文档
#https://www.linuxlz.com/ssh/1688.html
#https://blog.csdn.net/weixin_30786617/article/details/99501250