华为欧拉openEuler制作openssh 9.1/9.2/9.3 p1 rpm——筑梦之路
葛玉堂
环境说明:
操作系统:open Euler 22.03 lts
平台架构:x86_64
安装选择:最小化安装
# 系统版本
cat /etc/openEuler-release
openEuler release 22.03 LTS
# 默认ssh版本
ssh -V
OpenSSH_8.8p1, OpenSSL 1.1.1m 14 Dec 2021
# 内核
uname -a
Linux openEuler-200-32 5.10.0-60.18.0.50.oe2203.x86_64 #1 SMP Wed Mar 30 03:12:24 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
# 系统信息
cat /etc/os-release
NAME="openEuler"
VERSION="22.03 LTS"
ID="openEuler"
VERSION_ID="22.03"
PRETTY_NAME="openEuler 22.03 LTS"
ANSI_COLOR="0;31"
华为欧拉操作系统下制作openssh 9.1 p1的过程和centos 6 下类似
可以参考:
https://blog.csdn.net/qq_34777982/article/details/123285874?csdn_share_tail=%7B%22type%22%3A%22blog%22%2C%22rType%22%3A%22article%22%2C%22rId%22%3A%22123285874%22%2C%22source%22%3A%22qq_34777982%22%7D
但由于是国产化系统,这里再将区别处记录一下。
1. 处理源码
tar -zxf openssh-9.1p1.tar.gz
cd openssh-9.1p1/contrib/redhat/
cp -p sshd.pam sshd.pam.old
cp -p sshd.init sshd.init.old
cd ../../
#重新打包源码
tar -czf openssh-9.1p1.tar.gz openssh-9.1p1
2. 处理openssh.spec
注释的地方如下:
94 #PreReq: initscripts >= 5.00
103 #BuildRequires: openssl-devel < 1.1
3. 手动创建目录
mkdir -p /root/rpmbuild/{SPECS,SOURCES}
4. 拷贝源码到目录
cp openssh-9.1p1.tar.gz x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/
5.切换目录进行rpm包制作
cd rpmbuild/SPECS/
rpmbuild -ba openssh.spec
6.查看构建的成果
tree RPMS/x86_64/
RPMS/x86_64/
├── openssh-9.1p1-1.x86_64.rpm
├── openssh-askpass-9.1p1-1.x86_64.rpm
├── openssh-askpass-gnome-9.1p1-1.x86_64.rpm
├── openssh-clients-9.1p1-1.x86_64.rpm
├── openssh-debuginfo-9.1p1-1.x86_64.rpm
├── openssh-debugsource-9.1p1-1.x86_64.rpm
└── openssh-server-9.1p1-1.x86_64.rpm
tree SRPMS/
SRPMS/
└── openssh-9.1p1-1.src.rpm
7.安装测试
升级安装只需要三个包:
openssh-9.1p1-1.x86_64.rpm
openssh-clients-9.1p1-1.x86_64.rpm
openssh-server-9.1p1-1.x86_64.rpm
# 备份配置文件
cp -p /etc/ssh /etc/ssh-backup
cp -p /etc/pam.d/sshd /etc/pam.d/sshd-backup
# 升级安装
yum localinstall *.rpm
# 覆盖/etc/pam.d/sshd
cat /etc/pam.d/sshd
#%PAM-1.0
auth required pam_sepermit.so
auth include password-auth
account required pam_nologin.so
account include password-auth
password include password-auth
## pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
## pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session optional pam_keyinit.so force revoke
session include password-auth
# 配置ssh
chmod 400 /etc/ssh/ssh_host_*
echo 'UsePAM yes' >> /etc/ssh/sshd_config
echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
echo 'PasswordAuthentication yes' >> /etc/ssh/sshd_config
# 重启sshd服务
systemctl restaret sshd
# 验证测试连接即可
rpm -qa | grep openssh
openssh-server-9.1p1-1.x86_64
openssh-9.1p1-1.x86_64
openssh-clients-9.1p1-1.x86_64
ssh -V
OpenSSH_9.1p1, OpenSSL 1.1.1m 14 Dec 2021
systemctl status sshd | grep running
Active: active (running) since Fri 2022-10-21 10:59:17 CST; 11min ago
└─2259192 grep --color=auto running
# selinux firewalld已关闭默认openssh 8.8 源码包:
https://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/source/Packages/openssh-8.8p1-2.oe2203.src.rpm?spm=a2c6h.25603864.0.0.5af577788mpGLl相关源码包和二进制rpm包,见我的资源
注意:请根据自己的环境测试验证后再上生产环境!!!!
openssh 9.2 版本rpm包制作过程一样,参考上面的步骤即可。
类似资料: