一、安装telnet-server容灾,防止连接不上服务器的悲剧,顺便配置一下环境
echo "hi comment ctermfg=6" >> ~/.vimrc
yum -y install telnet-server
yum -y install xinetd
yum -y install telnet
systemctl enable telnet.socket
systemctl enable xinetd.service
systemctl start telnet.socket
systemctl start xinetd
netstat -nltp
vi /etc/pam.d/remote
去掉
yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel
yum install -y pam* zlib*
mkdir -p /home/schoolface
cd /home/schoolface
wget https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz
wget https://ftp.openssl.org/source/openssl-1.0.2s.tar.gz
mv /usr/bin/openssl /usr/bin/openssl_bak
mv /usr/include/openssl /usr/include/openssl_bak
tar -xvf openssl-1.0.2s.tar.gz
cd /home/schoolface/openssl-1.0.2s/
./config shared && make && make install
echo $?
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/ssl/include/openssl /usr/include/openssl
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
/sbin/ldconfig
openssl version
cd /home/schoolface/
tar -xvf openssh-8.0p1.tar.gz
chown -R root.root /home/schoolface/openssh-8.0p1/
cd /home/schoolface/openssh-8.0p1/
rm -rf /etc/ssh/*
./configure --prefix=/usr/ --sysconfdir=/etc/ssh --with-openssl-includes=/usr/local/ssl/include --with-ssl-dir=/usr/local/ssl --with-zlib --with-md5-passwords --with-pam && make && make install
vi /etc/ssh/sshd_config
修改配置文件最终为如下内容,其他的不要动
[root@linux-node3 ~]# grep "^PermitRootLogin" /etc/ssh/sshd_config
PermitRootLogin yes
[root@linux-node3 ~]# grep "UseDNS" /etc/ssh/sshd_config
UseDNS no
[root@linux-node3 ~]#
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
chmod +x /etc/init.d/sshd
systemctl enable sshd
mv /usr/lib/systemd/system/sshd.service /home/schoolface/
systemctl enable sshd
systemctl start sshd
netstat -lntp
systemctl disable xinetd.service
systemctl stop xinetd.service
systemctl disable telnet.socket
systemctl stop telnet.socket
netstat -lntp
vi /etc/pam.d/remote
4350
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
