CentOS6.8升级openssh-7.9p1
centos6.8 x64源码安装openssh-7.9p1
操作系统版本
[root@localhost src]# cat /etc/redhat-release
CentOS release 6.8 (Final)
当前openssh-server版本
[root@localhost ~]# rpm -qa | grep openssh
openssh-clients-5.3p1-117.el6.x86_64
openssh-5.3p1-117.el6.x86_64
openssh-server-5.3p1-117.el6.x86_64
下载源码包
[root@localhost src]# curl -O http://ftp2.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.9p1.tar.gz
解压源码包
[root@localhost src]# tar zxvf openssh-7.9p1.tar.gz
进入源码目录
[root@localhost src]# cd openssh-7.9p1/
安装编译工具及依赖包
[root@localhost openssh-7.9p1]# yum -y install gcc make openssl-devel pam-devel zlib-devel rpm-build
配置
[root@localhost openssh-7.9p1]# ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --without-hardening
编译源码
[root@localhost openssh-7.9p1]# make
安装源码
[root@localhost openssh-7.9p1]# make install
拷贝启动脚
[root@localhost openssh-7.9p1]# \cp -rf contrib/redhat/sshd.init /etc/init.d/sshd
添加到服务管理
[root@localhost openssh-7.9p1]# chkconfig --add sshd
添加到开机服务
[root@localhost openssh-7.9p1]# chkconfig sshd on
修改配置文件
[root@localhost openssh-7.9p1]# sed -i "32a PermitRootLogin yes" /etc/ssh/sshd_config
[root@localhost openssh-7.9p1]# sed -i "83a UsePAM yes" /etc/ssh/sshd_config
写入配置文件
[root@localhost openssh-7.9p1]# cat > /etc/pam.d/sshd <
#%PAM-1.0
auth requiredpam_sepermit.so
auth substack password-auth
auth include postlogin
# Used with polkit to reauthorize users in remote sessions
-auth optional pam_reauthorize.so prepare
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include password-auth
session include postlogin
# Used with polkit to reauthorize users in remote sessions
-session optional pam_reauthorize.so prepare
!EOF!
cat > /etc/pam.d/ssh-keycat <
#%PAM-1.0
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session required pam_namespace.so
!EOF!
删除下载的源码包
[root@localhost openssh-7.9p1]# cd ../
[root@localhost src]# rm -rf openssh-7.9p1*
查看ssh客户端版本,版本已经升级。
[root@localhost src]# ssh -V
OpenSSH_7.9p1, OpenSSL 1.0.1e-fips 11 Feb 2013
查看sshd位置
[root@localhost src]# which sshd
/usr/sbin/sshd
查看sshd服务端版本,版本已经升级。
[root@localhost src]# strings /usr/sbin/sshd | grep OpenSSH
OpenSSH_7.9p1
OpenSSH_7.9
OpenSSH_3.*
OpenSSH_5*
OpenSSH_6.6.1*
OpenSSH_6.5*,OpenSSH_6.6*
OpenSSH*
OpenSSH_2.*,OpenSSH_3.0*,OpenSSH_3.1*
OpenSSH_2*,OpenSSH_3*,OpenSSH_4*
OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7*
重启sshd服务
[root@localhost openssh-7.9p1]# nohup service sshd restart > /dev/null 2>&1
centos6.8升级openssh-7.9p1完成,重新登录服务器就可以。
最后编辑:2019-01-11作者:劳福喜
这个作者貌似有点懒,什么都没有留下。