install-openssh_9.0p1.sh
#!/bin/bash
set -e
set -v
wget https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz
wget https://mirrors.aliyun.com/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz
#备份原有的openssh服务
mkdir -p /etc/sshdconfig_backup
cd /etc/sshdconfig_backup
#将/etc/ssh目录下的所有文件压缩备份到当前目录
tar -cvzf etc_ssh-backup.tar.gz /etc/ssh
#升级rpm 升级后会修改/etc/pam.d/sshd 文件,需要备份此文件,升级完还原此文件。
cp /etc/ssh/sshd_config /etc/sshdconfig_backup
cp /etc/pam.d/sshd /etc/sshdconfig_backup/pam.d_sshd
mkdir -p /usr/src/redhat/{SOURCES,SPECS} && cd /usr/src/redhat/SOURCES
yum -y install \
zlib-devel \
gtk2-devel \
libX11-devel \
xmkmf \
ibXt-devel \
wget \
make \
gcc \
openssl-devel \
perl-devel \
pam-devel \
rpm-build
# Get openssl tarball
cp /root/openssh-9.0p1.tar.gz ./
cp /root/x*ssh-askpass-1.2.4.1.tar.gz ./
# SPEC file
tar xfz openssh-9.0p1.tar.gz openssh-9.0p1/contrib/redhat/openssh.spec
mv openssh-9.0p1/contrib/redhat/openssh.spec ../SPECS/
mkdir -p /root/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
mv openssh-9.0p1.tar.gz /root/rpmbuild/SOURCES
mv x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES
chown sshd:sshd /usr/src/redhat/SPECS/openssh.spec
cp /usr/src/redhat/SPECS/openssh.spec /usr/src/redhat/SPECS/openssh.spec_backup
sed -i -e "s/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
sed -i -e "s/%define no_x11_askpass 0/%define no_x11_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
sed -i -e "s/BuildRequires: openssl-devel < 1.1/#BuildRequires: openssl-devel < 1.1/g" /usr/src/redhat/SPECS/openssh.spec
sed -i -e "s/%global no_x11_askpass 0/%global no_x11_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
sed -i -e "s/%global no_gnome_askpass 0/%global no_gnome_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
cp /usr/src/redhat/SPECS/openssh.spec /root/rpmbuild/SPECS/openssh.spec
cd /root/rpmbuild/SPECS && \
rpmbuild \
-D "version 9.0p1" \
-ba openssh.spec
echo "---------------------------------------------------\n"
echo "#开始升级\n"
rpm -Uvh /root/rpmbuild/RPMS/x86_64/*.rpm --force --nodeps
cp -ar /etc/sshdconfig_backup/pam.d_sshd /etc/pam.d/sshd
rm -rf /etc/ssh/ssh_host_*
cp /etc/sshdconfig_backup/sshd_config /etc/ssh/sshd_config
systemctl restart sshd
echo "验证openssh版本信息\n"
ssh -V
rpm -qa |grep openssh
# Before Uninstall Openssh : rpm -qa openssh
# Uninstall Current Openssh Vesion : yum -y remove openssh
# For install: rpm -ivh /root/rpmbuild/RPMS/x86_64/openssh-9.0p1-1.el7.x86_64.rpm --nodeps
# Verify install: rpm -qa openssh
# openssh version
给脚本执行权限
chmod 655 install-openssh_9.0p1.sh
执行脚本:
./install-openssh_9.0p1.sh
脚本执行结果如下:
保证这个如下:UsePAM yes
若是允许root远程登录可以选择打开