openssh升级7.4p1至8.4p1、openssl升级至openssl-1.1.1h

**

openssh升级7.4p1至8.4p1、openssl升级至openssl-1.1.1h

**
升级准备:
下载安装包
https://sourceforge.net/projects/libpng/files/zlib/1.2.11/zlib-1.2.11.tar.gz
https://www.openssl.org/source/openssl-1.1.1h.tar.gz
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.4p1.tar.gz

一、脚本只适用于Centos7系列 升级之前 ssh -V 查看一下 SSH的版本 >=OpenSSH_7.4p1
系统版本CentOS7.7、Openssh_7.4p1
vim opensshUpgrade.sh

#!/bin/bash

# 手动上传安装包 至 /opt目录
cd /opt

# 解压安装包,我习惯将安装包解压到/usr/local/src
tar xf openssh-8.4p1.tar.gz -C /usr/local/src/
tar xf openssl-1.1.1h.tar.gz -C /usr/local/src/
tar xf zlib-1.2.11.tar.gz -C /usr/local/src/

# 安装zlib-1.2.11.tar.gz
yum -y install gcc gcc-c++ kernel-devel
cd /usr/local/src/zlib-1.2.11/
./configure --prefix=/usr/local/zlib && make -j 4 && make install

# 安装 openssl-1.1.1h.tar.gz
cd /usr/local/src/openssl-1.1.1h/
./config --prefix=/usr/local/ssl -d shared
make -j 4 && make install
echo '/usr/local/ssl/lib' >> /etc/ld.so.conf
ldconfig -v

# 安装openssh-8.4p1.tar.gz
mv /etc/ssh /etc/ssh.bak
cd /usr/local/src/openssh-8.4p1/
./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/ssl --with-zlib=/usr/local/zlib 
make -j 4 && make install

# sshd_config文件修改
echo "X11Forwarding yes" >> /etc/ssh/sshd_config
echo "X11UseLocalhost no" >> /etc/ssh/sshd_config                
echo "XAuthLocation /usr/bin/xauth" >> /etc/ssh/sshd_config
echo "UseDNS no" >> /etc/ssh/sshd_config
echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
echo 'PubkeyAuthentication yes' >> /etc/ssh/sshd_config
echo 'PasswordAuthentication yes' >> /etc/ssh/sshd_config

# 备份 /etc/ssh 原有文件,并将新的配置复制到指定目录
mv /usr/sbin/sshd /usr/sbin/sshd.bak &>/dev/null
cp -rf /usr/local/openssh/sbin/sshd /usr/sbin/sshd
mv /usr/bin/ssh /usr/bin/ssh.bak &>/dev/null
cp -rf /usr/local/openssh/bin/ssh /usr/bin/ssh 
mv /usr/bin/ssh-keygen /usr/bin/ssh-keygen.bak &>/dev/null
cp -rf /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen

# 启动 sshd 并将其加入开机自启
systemctl stop sshd.service &>/dev/null
rm -rf /lib/systemd/system/sshd.service 
systemctl daemon-reload
cp /usr/local/src/openssh-8.4p1/contrib/redhat/sshd.init /etc/init.d/sshd
/etc/init.d/sshd restart
chkconfig --add  sshd
systemctl status sshd| grep  "Active: active (running)"

if [ $? -eq 0 ]; then
	echo -e "\033[32m[INFO] OpenSSH upgraded to 8.4p1  successfully!\033[0m"
else
	echo -e "\033[31m[ERROR] OpenSSH upgraded to 8.4p1 faild!\033[0m"
fi

二、手动将下载的三个tar.gz包和脚本opensshUpgrade.sh上传至/opt目录下

三、执行以下命令 即可升级完成(升级脚本中会依赖yum源去安装一些编译器、依赖)

cd /opt
chmod +x opensshUpgrade.sh
./opensshUpgrade.sh
执行命令即可完成升级
四、执行 ssh -V 查看升级后的版本 如果输出为 OpenSSH_8.4p1, OpenSSL 1.1.1h 22 Sep 2020 表示升级完成
升级完成效果图
升级过程中,有任何问题、报错 请留言至610472802@qq.com 看到会及时回复

已标记关键词 清除标记
©️2020 CSDN 皮肤主题: 游动-白 设计师:上身试试 返回首页