本文基于RedHat 6.5(RHEL 6.5)64位版本升级OpenSSH和OpenSSL的操作过程
一、查看当前版本信息
uname -a
Linux localhost.localdomain 2.6.32-431.el6.x86_64 #1 SMP Sun Nov 10 22:19:54 EST 2013 x86_64 x86_64 x86_64 GNU/Linux
openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
ssh -V
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
二、下载最新版本安装包
OpenSSH:
https://www.openssh.com/
OpenSSL:
https://www.openssl.org/
三、安装依赖
yum install -y gcc zlib-devel pam-devel
四、开启telnet服务
yum -y install telnet-server sed -i "s/yes/no/g" /etc/xinetd.d/telnet service xinetd restart mv /etc/securetty /etc/securetty.bak
五、安装OpenSSL
tar xzvf openssl-1.0.2l.tar.gz cd openssl-1.0.1l ./config --prefix=/usr --shared make make test make install openssl version #检查安装后的版本
OpenSSL 1.0.2l 25 May 2017
六、安装OpenSSH
mv /etc/ssh/ /etc/ssh.bak tar -xzvf openssh-7.5p1.tar.gz cd openssh-7.5p1 ./configure --prefix=/usr --with-zlib --sysconfdir=/etc/ssh --with-ssl-dir=/usr --with-md5-passwords --with-pam make make install mv /etc/ssh /etc/ssh-7.5p1-conf mv /etc/ssh.bak /etc/ssh sed -i '/^#PermitRootLogin/s/#PermitRootLogin yes/PermitRootLogin yes/' /etc/ssh/sshd_config sed -i '/^GSSAPIAuthentication yes/s/GSSAPIAuthentication yes/#GSSAPIAuthentication yes/' /etc/ssh/sshd_config sed -i '/^GSSAPICleanupCredentials yes/s/GSSAPICleanupCredentials yes/#GSSAPICleanupCredentials yes/' /etc/ssh/sshd_config cp /etc/ssh-7.5p1-conf/ssh_host_ecdsa_key /etc/ssh cp /etc/ssh-7.5p1-conf/ssh_host_ed25519_key /etc/ssh service sshd restart
ssh -V
OpenSSH_7.5p1, OpenSSL 1.0.2l 25 May 2017
登陆一下SSH,测试是否成功
七、关闭telnet服务
sed -i "s/no/yes/g" /etc/xinetd.d/telnet service xinetd stop mv /etc/securetty.bak /etc/securetty yum remove telnet-server -y
转载于:https://blog.51cto.com/lookfor/1968385