编译openssh

最新推荐文章于 2024-09-14 18:34:03 发布
最新推荐文章于 2024-09-14 18:34:03 发布
阅读量380 收藏
点赞数
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_42953034/article/details/107020405
版权 
#!/bin/bash
#This script is used to compile OpenSSL and Openssh
#Compile Time: 2020-02-28 
#Author: Gang Li
#Email: LG_iang@163.com
#Edition: V1
#缺少备份旧版环境openssl
#缺少开启备用远程方式

#Define old OpenSSL version
old_version=`openssl version`

#Judge system publisher
os_check(){
        if [ -e /etc/redhat-release ];then
                redhat=`cat /etc/redhat-release | awk '{print $1}'`
        else
                debian=`cat /etc/issue | awk '{print $1}'`
        fi
        if [ "$redhat" == "CentOS" -o "$redhat" == "Red" ];then
                pack_man=yum
                echo "Your system publisher is "$redhat
                echo "Define the package management tool as yum."
        elif [ "$debian" == "Ubuntu" -o "$debian" == "ubuntu" ];then
                pack_man=apt-get 
                echo "Your system publisher is "$debian
                echo "Define the package management tool as apt-get."
        else
                echo "Operating system does not suppot."
                exit
        fi
}

#Determine whether it is root permission
root_Determine(){
        if [ "$USER" != "root" ];then
                echo "Please use root to execute."
                exit
        else
                echo "The currently logged in user is:" $USER
                echo "Start judging Publishers."
        fi
}

#Get OpenSSL installation package
get_package_openssl(){
        echo "Get openssl.tar.gz"
        curl -s https://ftp.openssl.org/source/ > /tmp/openssl.html
        openssl_package=`cat /tmp/openssl.html |grep openssl  | sed -e 's/<[^<]*=\"//g' | sed -e 's/"\ \/>$//g'  | sed -e 's/<tr>top//' | sed -e 's/^.\{18\}//g' | cut -c1-21 | head -n1`
        openssl=`echo $openssl_package | cut -c1-14`
        rm -rf /tmp/openssl.html
        if [ -e /opt/$openssl_package ];then
                echo "You already have the installation package. "$openssl_package
        else
                wget -P /opt/  https://ftp.openssl.org/source/$openssl_package &> /dev/null
                if [ -e /opt/$openssl_package ];then
                        echo -e "Download successful:"$openssl_package"\033[32m Success\033[0m"
                else
                        echo -e "Download of "$openssl_package" installation package failed. Please check the download""\033[31m Failure\033[0m"
                        exit
                fi
        fi
}

#Unpack
unpack_openssl(){
        if [ -d /opt/$openssl ];then
                mv /opt/$openssl  /opt/$openssl.bak
        fi
        tar -xzvf /opt/$openssl_package -C /opt/ &> /dev/null
        if [ -d /opt/"$openssl" ];then
                echo -e "Unpack "$openssl_package" successfulled.""\033[32m Success\033[0m"
        else
                echo -e "Failed to decompress "$openssl_package"\033[31m Failure\033[0m"
                exit
        fi
}

#Compilation and installation
Comp_openssl(){
        echo "Start compilation openssl."
        cd /opt/$openssl
        sh /opt/$openssl/config --prefix=/usr/local/openssl > /dev/null 2>&1 && make > /dev/null 2>&1  && make install > /dev/null 2>&1
        if [ $? -eq 0 ];then
                ln -sf /usr/local/openssl/include/openssl   /usr/include/openssl &> /dev/null
                ln -sf  /usr/local/openssl/bin/openssl /usr/bin/openssl  &> /dev/null
                echo "/usr/local/lib" >> /etc/ld.so.conf 
                ln -s /usr/local/openssl/lib/libssl.so.1.1  /usr/lib64/libssl.so.1.1  &> /dev/null
                ln -s /usr/local/openssl/lib/libcrypto.so.1.1  /usr/lib64/libcrypto.so.1.1   &> /dev/null
                version=`openssl version`
        else
                echo -e "Compilation failed." "\033[31m Failed\033[0m"
                exit
        fi
}

#Judge current version
jcv(){
        if [ "$old_version" == "$version" ];then
                echo -e "Compilation failed  ""\033[31m Failure\033[0m"
                exit
        else
                echo -e "Compilation succeeded. The current OpenSSL version is "$version"\033[32m Success\033[0m"
        fi
}

#Confirmation execution
con(){
        while true;do
                stty -icanon min 0 time 100
                echo -e -n  "Automatic execute ten seconds after,Are you sure you want to start the task""\033[36m Yes|No\033[0m""?"
                read Arg
                case $Arg in
                        Y|y|YES|yes)
                        break
                        ;;
                        N|n|NO|no)
                        echo "Goodbye,Welcome to use next time!"
                        exit
                        ;;
                        "")
                        echo ""
                        break
                        ;;
                esac
        done
}

#Install dependency package
In_depack(){
        echo "Install dependency packages,Please wait."
        $pack_man install gcc  wget make net-tools zlib*  pam-devel -y  > /dev/null 2>&1
        if [ $? -eq 0 ];then
                echo -e "Installation of dependent packages succeeded." "\033[32m Success\033[0m"
        else
                echo -e "Installation of dependent packagess failed,Automatic exit after 5 seconds." "\033[31m Failure\033[0m"
                sleep 5
                exit
        fi
}

#Compile OpenSSL
com_openssl(){
        root_Determine
        os_check
        In_depack
        get_package_openssl
        con
        unpack_openssl
        Comp_openssl
        jcv
}

#Get OpenSSH installation package
#缺少检测版本是否存在
get_package_openssh(){
        old_ssh_version=`ssh -V`  #便于后期添加判断sshd升级情况
        read -p "Please enter the version of openssh you want to install x.x ?  Example:8.2  You version:" openssh_Version
        if [ -z $openssh_Version ];then
                echo  -e "\033[31m Error\033[0m"
                exit
        else
                jieguo=`echo "$openssh_Version*1" | bc `
                if [ "$jieguo" == "0" ];then
                        echo -e "\033[31m Not a number\033[0m"
                        exit
                fi
        fi
        if [ -e /opt/openssh-$openssh_Version"p1.tar.gz" ];then
                echo "You already have the installation package. "openssh-$openssh_Version
        else
                echo "Get OpenSSH installation package"
                wget -P /opt/ https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-$openssh_Version"p1.tar.gz"   &> /dev/null
                if [ -e /opt/openssh-$openssh_Version"p1.tar.gz" ];then
                        echo -e "Download successful:"openssh-$openssh_Version"p1.tar.gz""\033[32m Success\033[0m"
                else
                        echo -e "Download of "openssh-$openssh_Version"p1"" installation package failed. Please check the download""\033[31m Failure\033[0m"
                        exit
                fi
        fi
}

#Create backup directory
cre_openssh-dir(){
        echo "Create openssh backup directory."
        mkdir -p /tmp/backup_$DATE/openssh > /dev/null 2>&1
        mkdir -p /tmp/backup_$DATE/openssh/usr/{bin,sbin} > /dev/null 2>&1
        mkdir -p /tmp/backup_$DATE/openssh/etc/{init.d,pam.d,ssh} > /dev/null 2>&1
        mkdir -p /tmp/backup_$DATE/openssh/usr/libexec/openssh > /dev/null 2>&1
        mkdir -p /tmp/backup_$DATE/openssh/usr/share/man/{man1,man8} > /dev/null 2>&1
}

#Backup old_openssh
backup_openssh(){
        echo "Perform backup openssh."
        rpm -qa | grep -w "openssh-server" > /dev/null 2>&1
        if [ $? -eq 0 ];then
                cp /usr/bin/ssh* /tmp/backup_$DATE/openssh/usr/bin > /dev/null 2>&1
                cp /usr/sbin/sshd /tmp/backup_$DATE/openssh/usr/sbin > /dev/null 2>&1
                cp /etc/init.d/sshd /tmp/backup_$DATE/openssh/etc/init.d > /dev/null 2>&1
                cp /etc/pam.d/sshd /tmp/backup_$DATE/openssh/etc/pam.d > /dev/null 2>&1
                cp /etc/ssh/ssh* /tmp/backup_$DATE/openssh/etc/ssh > /dev/null 2>&1
                cp /etc/ssh/sshd_config /tmp/backup_$DATE/openssh/etc/ssh > /dev/null 2>&1
                cp /usr/share/man/man1/ssh* /tmp/backup_$DATE/openssh/usr/share/man/man1 > /dev/null 2>&1
                cp /usr/share/man/man8/ssh* /tmp/backup_$DATE/openssh/usr/share/man/man8 > /dev/null 2>&1
                cp /usr/libexec/openssh/ssh* /tmp/backup_$DATE/openssh/usr/libexec/openssh > /dev/null 2>&1
                rpm -e --nodeps openssh-clients openssh-server openssh > /dev/null 2>&1
        else
                mv /usr/bin/ssh* /tmp/backup_$DATE/openssh/usr/bin > /dev/null 2>&1
                mv /usr/sbin/sshd /tmp/backup_$DATE/openssh/usr/sbin > /dev/null 2>&1
                mv /etc/init.d/sshd /tmp/backup_$DATE/openssh/etc/init.d > /dev/null 2>&1
                mv /etc/pam.d/sshd /tmp/backup_$DATE/openssh/etc/pam.d > /dev/null 2>&1
                mv /etc/ssh/ssh* /tmp/backup_$DATE/openssh/etc/ssh > /dev/null 2>&1
                mv /etc/ssh/sshd_config /tmp/backup_$DATE/openssh/etc/ssh > /dev/null 2>&1
                mv /usr/share/man/man1/ssh* /tmp/backup_$DATE/openssh/usr/share/man/man1 > /dev/null 2>&1
                mv /usr/share/man/man8/ssh* /tmp/backup_$DATE/openssh/usr/share/man/man8 > /dev/null 2>&1
                mv /usr/libexec/ssh* /tmp/backup_$DATE/openssh/usr/libexec > /dev/null 2>&1
        fi
}

#Unpack
unpack_openssh(){
        if [ -d /opt/openssh-$openssh_Version"p1" ];then
                mv /opt/openssh-$openssh_Version"p1"  /opt/openssh-$openssh_Version"p1".bak
        fi
        tar -xzvf /opt/openssh-$openssh_Version"p1.tar.gz" -C /opt/ &> /dev/null
        if [ -d /opt/openssh-$openssh_Version"p1" ];then
                echo -e "Unpack "openssh-$openssh_Version"p1.tar.gz""successfulled.""\033[32m Success\033[0m"
        else
                echo -e "Failed to decompress "openssh-$openssh_Version"p1.tar.gz""\033[31m Failure\033[0m"
                exit
        fi
}

#Compilation and installation
Comp_openssh(){
        echo "Start compilation openssh."
        cd /opt/openssh-$openssh_Version"p1"
        sh /opt/openssh-$openssh_Version"p1"/configure --prefix=/usr --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/openssl --with-md5-passwords > /dev/null 2>&1
        if  [ $? -eq 0 ];then
                make > /dev/null 2>&1 && make install > /dev/null 2>&1
        else
                echo -e "Failed to compile openssh. " "\033[31m Failed\033[0m"
                exit
        fi
        if [ -e /usr/sbin/sshd ];then
                echo -e "Compliation openssh Success ""\033[32m Success\033[0m"
        fi
        #PermitRootLogin
        echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
        echo "UsePAM yes"   >> /etc/ssh/sshd_config
        if [ $? -eq 0 ];then
                echo -e "PermitRootLogin yes" "\033[32m Success\033[0m"
        else
                echo -e "PermitRootLogin Failed,Please check " "\033[31m Failed\033[0m"
                exit
        fi
}

#Start openssh
start_openssh(){
        cp -rf /opt/openssh-$openssh_Version"p1"/contrib/redhat/sshd.init /etc/init.d/sshd
        cp -rf /opt/openssh-$openssh_Version"p1"/contrib/redhat/sshd.pam  /etc/pam.d/sshd
        chmod +x /etc/init.d/sshd
        chmod 600 /etc/ssh/ssh_host_rsa_key
        chmod 600 /etc/ssh/ssh_host_dsa_key
        chmod 600 /etc/ssh/ssh_host_ecdsa_key
        chmod 600 /etc/ssh/ssh_host_ed25519_key
        chkconfig --add sshd
        chkconfig sshd on
        service sshd start > /dev/null 2>&1
        if [ $? -eq 0 ];then
                echo -e "Start sshd succeeded. " "\033[32m Success\033[0m"
                ssh -V
        else
                echo -e "Start sshd failed. ""\033[31m Failure\033[0m"
        fi
}


com_openssl
get_package_openssh
cre_openssh-dir
backup_openssh
unpack_openssh
Comp_openssh
start_openssh
沙砾-
关注
openssh编译方法
L博涯的博客
03-25 2714
升级openssh之前要开启telnet服务 1、检查是否安装telnet和telnet-server $ rpm -qa Linux telnet $ rpm -qa Linux telnet-server 2、安装telnet和telnet-server $ yum install telnet $ yum install telnet-server 3、修改配置文件 $...
编译OpenSSH
邢红瑞的blog
09-27 3332
 说实话,97年使用linux开始就没有编译openssh。使用debian时,也是apt 安装的。1 下载最新的zlib库http://zlib.net/ tar -zxvf zlib-1.2.3.tar.gz cd zlib-1.2.3 make make installcp zlib.h zconf.h /usr/local/includechmod 644 /usr/local/in
OpenSSH、OpenSSL编译安装升级
没头脑的博客
09-14 2132
openssh openssl 源码编译 漏洞升级 openssh-9.6P1 openssh-9.8P1
openssh编译
bewinged
06-02 353
zlib-1.2.5交叉编译 ./configure --prefix=$PWD/__INSTALL CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar rc CPP =arm-linux-gnueabi-gcc -E LDSHARED=arm-linux-gnueabi-gcc RANLIB=arm-linux-gnueabi-ranlib /home/zengzhihao/zlib-1.2.5/__INSTALL openssh-5.8p1.tar.g
编译安装升级openssh-9.8p1
m0_65305739的博客
07-11 2276
root@localhost openssh-9.8p1]# ./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/openssl #/.指定路径。[root@localhost bin]# ln -s /usr/local/openssl/lib64/libcrypto.so.3 /usr/lib64/libcrypto.so.3 #/.执行软连接。
在ARM平台上编译移植openssh
semilog的专栏
05-23 3172
1. 下载源代码     移植openssh需要三个包:openssh、openssl 和 zlib     zlib官方下载:http://www.zlib.net/     openssl官方下载:http://www.openssl.org/source  ( OpenSSL &gt;= 1.0.1 &lt; 1.1.0)或     LibreSSL http://www.libres...
Hi3559A交叉编译openssh
04-15
总的来说,交叉编译OpenSSH是一项技术性很强的任务,涉及到多个步骤和组件的编译与配置。遵循上述步骤,可以成功地在Hisi3559A上部署安全可靠的OpenSSH服务。请注意,整个过程可能需要根据具体环境和需求进行调整,...
Hisi交叉编译openSsh、部署使用到配置和脚本
04-17
为了在Hisi 3559A上交叉编译openSSH,你需要以下组件: 1. **zlib**:这是一个压缩库,openSSH依赖它来处理压缩数据流。首先,你需要为ARM64架构编译zlib,这通常通过编写一个配置脚本来完成,该脚本指定目标架构和...
海思交叉编译OpenSSH_7.8p1, OpenSSL 1.0.2p
10-15
包含完整的编译过程,源码和介绍,海思开发板支持openssh7.8, 其中包含 OpenSSH_7.8p1, OpenSSL 1.0.2p;完整的可运行的运行包;包括弱加密算法;sshd_config的介绍;
centos7,el7,redhat7编译openssh9.9p1的rpm安装包
最新发布
10-11
centos7,el7,redhat7编译openssh9.9p1的rpm安装包, unzip el9-openssh9.9-x86.zip -d openssh yum -y install openssh/x86_64/*.rpm chmod 600 /etc/ssh/ssh_host* systemctl restart sshd rm -rf el9-openssh9.9...
openSSH编译移植到ARM平台所需全套源文件
10-26
用于自行编译移植openssh到arm平台下,并开启自动运行。 了解更多,点击: https://blog.csdn.net/v6543210/article/details/83420034
Openssh-8.3p1编译安装包.tar.zip
08-11
windwos上解压上传服务器 tar xzvf openssh-8.3p1.tar.gz ./configure --prefix=/usr/ --sysconfdir=/etc/ssh/ --with-ssl-dir=/usr/local/ssl --with-md5-passwords --mandir=/usr/share/man/ make && make install echo "PermitRootLogin yes" >> /etc/ssh/sshd_config echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config cp -a contrib/redhat/sshd.init /etc/init.d/sshd /etc/init.d/sshd stop systemctl daemon-reload /etc/init.d/sshd stop systemctl restart sshd ssh -V chmod 400 /etc/ssh/ssh_host_ecdsa_key chmod 400 /etc/ssh/ssh_host_ed25519_key chmod 400 /etc/ssh/ssh_host_rsa_key systemctl restart sshd cat >>/etc/ssh/sshd_config <<-EOF KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 EOF cp -a contrib/redhat/sshd.init /etc/init.d/sshd systemctl restart sshd
交叉编译openssh.tar.bz2运行在armlinux上
01-14
交叉编译openssh.tar.bz2运行在armlinux上,用的openssl-1.1.0f;zlib-1.2.11;openssh-5.6p1三者交叉编译而成,交叉编译工具链是arm-none-linux-gnueabi-...该包中的密钥文件最好自己去重新生成,路径是openssh/usr/...
Linux|编译最新版的openssh-server-9.3的rpm包(一)
zsk_john的技术分享专用博客
06-15 4087
openssh服务的重要性不需要在这里废话了,而面对各种系统漏洞服务漏洞,我们最好的应对手段就是升级了,因此,我们的服务器很可能有升级内核的需求,以及升级系统内的重要服务的需求,而作为与服务器交互的服务sshd来说,漏洞也是非常多的,但该服务是基础服务,是不可能停止的,因此,我们需要升级它。
编译安装openssh
u011500307的专栏
11-07 2867
最近在看《Hacking:the art of exploit》,此书提供了一个系统光盘,可以从光盘直接进去,不用装系统,直接光盘启动来实验书上的例子。可是我把他装在虚拟机里面,那分辨率啊,真是不堪入目啊!!!         于是想到直接用ssh来连接,到自己的主机系统上直接操作,不需要再面对那个看不清的系统的。可是那个系统是ubuntu的老版本了,源不支持了,只默认安装了ssh-client
开源库交叉编译(四)--- OpenSSH
码拉僧的博客
05-02 532
开源库ARM平台交叉编译
Ubuntu20.04与22.04 OpenSSL与OpenSSH编译安装
热门推荐
liuxin638507的博客
08-23 1万+
OpenSSL与OpenSSH需要经常修复漏洞,编译安装步骤供参考,适用ubuntu版本,其他版本类似,若升级主机较多,建议先在测试环境验证,如OpenSSL大版本升级且OpenSSH有新稳定版本,建议升级OpenSSL同时也升级OpenSSH
如何编译打包OpenSSH 9.4并实现批量升级
singless的博客
08-28 1942
由于openssh官方只提供源码包,网上下载的rpm包有可能遇到各种依赖问题,因此我们选择自己将源码编译为rpm包来升级环境的openssh。当然编译过程也尽量简单化,这里我们直接使用开源的脚本进行编译编译需要涉及到很多开发软件的下载安装,建议使用一台虚拟机来进行操作。先下载编译脚本,解压简单看下代码结构compile.sh:编译脚本el5、el6、el7:对应CentOS5、6、7三个系统,编译相关的参数由SPECS目录下的openssh.spec控制。编译好的rpm包放在RPMS目录下。
CentOS编译OpenSSH RPM包教程
以下是如何从源代码编译OpenSSH并创建RPM包的详细过程: 1. 依赖包安装: 在编译OpenSSH之前,需要确保系统中已经安装了所有必要的依赖项。这里列出了几个关键的依赖包,包括`gcc`(C编译器)、`rpm-build`(用于...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值