sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0
service iptables stop
chkconfig iptables off
yum -y install gcc gcc-c++ telnet-server* pam-devel zlib-devel openssl openssl-devel
vi /etc/xinetd.d/telnet
mv /etc/securetty /etc/securetty.old
service xinetd start
chkconfig xinetd on
telnet [ip]cd /home/ishangsoft
wget http://down.i.my71.com/openssh-7.4p1.tar.gz
tar -zxvf openssh-7.4p1.tar.gz
cd /home/ishangsoft/openssh-7.4p1
make clean
ldconfig
./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-pam --with-md5-passwords --mandir=/usr/share/man
make && make install
/etc/init.d/sshd stop
\cp -f /home/ishangsoft/openssh-7.4p1/contrib/redhat/sshd.init /etc/init.d/sshd
chmod u+x /etc/init.d/sshd
chkconfig --add sshd
\cp -f /usr/local/openssh/sbin/sshd /usr/sbin/sshd
\cp -f /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
vi /etc/ssh/sshd_config
##去掉前面的注释,允许root通过ssh登录
PermitRootLogin yes
##注释掉下面三个参数
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
#UsePAM yes
末尾添加如下信息:Ciphers aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc,arcfour128,arcfour256,arcfour,blowfish-cbc,cast128-cbc
MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,curve25519-sha256@libssh.orgservice sshd start
mv /etc/securetty.old /etc/securetty
chkconfig xinetd off
service xinetd stop
service iptables start
chkconfig iptables on
参考:http://www.zhimengzhe.com/linux/333932.html
扫一扫
4093
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
