centos 7 源码编译安装openssh 8.3
一、安装openssl-1.1.1g.tar.gz
1、环境准备
Centos 7 最小化
openssl-1.1.1g.tar.gz
openssh-8.3p1.tar.gz
依赖包下载: yum -y install lrzsz zlib-devel perl gcc pam-devel
2、卸载系统预装的openssl ,这一步可以不做
[root@Test ~]# rpm -qa | grep openssl | grep -v lib
openssl-1.0.2k-8.el7.x86_64bash
[root@Test ~]# yum -y remove openssl-1.0.2k-8.el7.x86_64
3、安装步骤:
[root@Test ~]# tar -zxvf openssl-1.1.1g.tar.gz
[root@Test ~]# cd openssl-1.1.1g
[root@Test openssl-1.1.1g]# ./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl -Wl,-rpath,/usr/local/openssl/lib shared
[root@Test openssl-1.1.1g]# make && make install
4、创建软链接
[root@Test openssl-1.1.1g]# ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
[root@Test openssl-1.1.1g]# ln -s /usr/local/openssl/include/openssl /usr/include/openssl
5、更新系统配置
[root@Test openssl-1.1.1g]# echo "/usr/local/openssl/lib" >> /etc/ld.so.conf
[root@Test openssl-1.1.1g]# /sbin/ldconfig
6、检查版本
[root@Test openssl-1.1.1g]# openssl version
二、安装openssh-8.3p1.tar.gz
1、rz openssh-8.3p1.tar.gz
2、卸载系统预装的openssh
[root@Test ~]# rpm -qa | grep openssh
[root@Test ~]# openssh-clients-7.4p1-11.el7.x86_64
[root@Test ~]# openssh-7.4p1-11.el7.x86_64
[root@Test ~]# openssh-server-7.4p1-11.el7.x86_64
[root@Test ~]# yum -y remove openssh-clients-7.4p1-11.el7.x86_64 openssh-7.4p1-11.el7.x86_64 openssh-server-7.4p1-11.el7.x86_64
3、备份openssh配置文件,这一步可以不做
[root@Test ~]# cp -r /etc/ssh /etc/ssh.bak
[root@Test ~]# rm -rf /etc/ssh
4、安装步骤
[root@Test ~]# tar -zxvf openssh-8.3p1.tar.gz
[root@Test ~]# cd openssh-8.3p1
[root@Test openssh-8.3p1]# ./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-openssl-includes=/usr/local/openssl/include --with-ssl-dir=/usr/local/openssl --with-zlib --with-md5-passwords --with-pam --with-ssl-engine
[root@Test openssh-8.3p1]# make && make install
5、创建软链接
[root@Test openssh-8.3p1]# ln -s /usr/local/openssh/sbin/sshd /usr/sbin/sshd
[root@Test openssh-8.3p1]# ln -s /usr/local/openssh/bin/ssh /usr/bin/ssh
[root@Test openssh-8.3p1]# ln -s /usr/local/openssh/bin/ssh-add /usr/bin/ssh-add
[root@Test openssh-8.3p1]# ln -s /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
[root@Test openssh-8.3p1]# ln -s /usr/local/openssh/bin/ssh-keyscan /usr/bin/ssh-keyscan
6、将openssh的服务脚本复制到/etc/init.d目录下
[root@Test openssh-8.3p1]# cp /root/openssh-8.3p1/contrib/redhat/sshd.init /etc/init.d/sshd
[root@Test openssh-8.3p1]# chmod u+x /etc/init.d/sshd
备注:sshd.init 文件是存放在openssh的压缩包中,需要在解压的文件夹中查找
7、添加sshd服务
[root@Test openssh-8.3p1]# chkconfig --add sshd
8、检查openssh版本
[root@Test openssh-8.3p1]# systemctl restart sshd
[root@Test openssh-8.3p1]# ssh -V
OpenSSH_8.3p1, OpenSSL 1.1.1g 21 Apr 2020
9、修改openssh的配置文件,允许root登录
[root@Test openssh-8.3p1]# vi /etc/ssh/sshd_config
[root@Test openssh-8.3p1]# echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
[root@Test openssh-8.3p1]# echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
10、将sshd服务设为开机启动
[root@Test openssh-8.3p1]# chkconfig sshd on
11、重启sshd服务
[root@Test openssh-8.3p1]# systemctl daemon-reexec
[root@Test openssh-8.3p1]# systemctl restart sshd
12、查看sshd服务状态
[root@Test openssh-8.3p1]# systemctl status sshd
● sshd.service - SYSV: OpenSSH server daemon
Loaded: loaded (/etc/rc.d/init.d/sshd; bad; vendor preset: enabled)
Active: active (running) since 五 2020-08-14 18:51:28 CST; 6min ago
Docs: man:systemd-sysv-generator(8)
Process: 20498 ExecStop=/etc/rc.d/init.d/sshd stop (code=exited, status=0/SUCCESS)
Process: 20502 ExecStart=/etc/rc.d/init.d/sshd start (code=exited, status=0/SUCCESS)
Main PID: 20508 (sshd)
CGroup: /system.slice/sshd.service
├─20508 sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups
├─20519 sshd: public [priv]
├─20522 sshd: public@pts/5
└─20523 -bash
8月 14 18:51:28 sag sshd[20508]: Server listening on 0.0.0.0 port 22.
8月 14 18:51:28 sag sshd[20508]: Server listening on :: port 22.
8月 14 18:51:28 sag sshd[20502]: Starting sshd:[ 确定 ]