1.查看现有的ssh的版本
ssh -V
openssl version
2.安装启动并配置telnet服务 | 防止ssh升级失败无法访问服务器
yum install -y telnet-server telnet xinetd
systemctl enable xinetd.service
systemctl enable telnet.socket
systemctl start telnet.socket
systemctl start xinetd.service
echo 'pts/0' >>/etc/securetty
echo 'pts/1' >>/etc/securetty
echo 'pts/2' >>/etc/securetty
3.systemctl stop firewalld 建议升级过程中关闭防火墙
4.备份数据
cp -r /etc/ssh /etc/ssh.bak
cp /etc/init.d/ssh /etc/init.d/ssh.bak(没有就算了,反正我的没有)
cp -r /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
4. tar -zxf openssh-8.5p1.tar.gz
5.
rpm -qa | grep openssh
rpm -e `rpm -qa | grep openssh` --nodeps
rpm -qa | grep openssh
6.cd /root/openssh-8.5p1
7../configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-openssl-includes=/usr/local/openssl/include --with-ssl-dir=/usr/local/openssl --with-zlib --with-md5-passwords -with-tcp-wrappers --with-pam
8.报错 configure: error: PAM headers not found
9.解决方法 yum -y install pam-devel
10.make && make install
11.修改配置
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
12.
找到 tar -zxf 解压目录/root/openssh-8.5p1
cp /root/openssh-8.5p1/contrib/redhat/sshd.init /etc/init.d/sshd
13.
chmod +x /etc/init.d/sshd
chmod 600 /etc/ssh/ssh_host_rsa_key
chmod 600 /etc/ssh/ssh_host_ecdsa_key
chmod 600 /etc/ssh/ssh_host_ed25519_key
chkconfig --add sshd
chkconfig sshd on
systemctl restart sshd
systemctl status sshd
ssh -V
报错解决:进入 /etc/rc.id/init.d/sshd 修改41行和49行地址,改成openssl的地址比如我的就是/usr/local/openssl/bin,/usr/local/openssl/sbin
linux上/etc/ssh/ssh.config 和/etc/ssh/sshd.config 下将x11forwarding 都选yes(这个主要是为xmanager的可视化开放x11信道)
最后
关闭telnet 服务
systemctl disable xinetd
systemctl disable telnet.socket
systemctl stop xinetd.service
systemctl stop telnet.socket