openssh【5.3】升级到openssh【7.7】
凌昕
公司线上环境安全监测,openssh升级OpenSSH 到最新版本OpenSSH_7.7p1 (2018-04)来减少漏铜。升级过程如下:
1、基本环境准备
系统环境:CentOS release 6.8 (Final)
2、安装过程
1)下载openssh-7.7p1.tar.gz,上传到服务器解压。
下载地址:https://download.csdn.net/download/qq_41018670/10404979
2)备份ssh原有的配置文件
#tar zcvf /etc/ssh.tar.gz /etc/ssh
3)卸载原来的sshd服务
#yum remove openssh
4)安装openssh编译所需要的依赖包
#yum install -y gcc libstdc++-devel gcc-c++ zlib-devel keyutils-libs-devel libcom_err-devel libsepol-devel pkgconfig libsepol libselinux-devel krb5-devel openssl-devel
5)编译
#cd openssh-7.7p1
#./configure
#make
#make install
【*】默认路径
User binaries: /usr/local/bin
System binaries: /usr/local/sbin
Configuration files: /usr/local/etc
Askpass program: /usr/local/libexec/ssh-askpass
Manual pages: /usr/local/share/man/manX
PID file: /var/run
Privilege separation chroot path: /var/empty
sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
6)启动方式
将安装源程序目录下的/openssh-7.7p1/contrib/redhat/sshd.init 复制到 /etc/init.d/sshd
修改启动文件:
vim /etc/init.d/sshd #修改sshd文件
SSHD=/usr/local/sbin/sshd
/usr/local/bin/ssh-keygen -A
/sbin/restorecon /usr/local/etc/ssh_host_rsa_key.pub
/sbin/restorecon /usr/local/etc/ssh_host_dsa_key.pub
/sbin/restorecon /usr/local/etc/ssh_host_ecdsa_key.pub
7)修改配置文件
vim /usr/local/etc/sshd_config #配置sshd_config文件
PermitRootLogin yes #允许root登录
8)启动sshd服务
service sshd start
9)验证
ssh -V
类似资料: