Tag:serve store key Solution sub crypto clu oca enter
OpenSSH upgrade to the latest version (openssh-7.7p1.tar.gz)
1###############################################################
View pre-upgrade Environments
[[email protected] zlib-1.2.11]# cat/etc/redhat-release
Red Hat Enterprise Linux Server Release 6.8 (Santiago) zlib-1.2.11.tar.gz
[[email protected] ~]# rpm-qa|grep OpenSSL
Openssl-1.0.1e-48.el6.x86_64
[[email protected] ~]# rpm-qa|grep openssh
openssh-5.3p1-117.el6.x86_64
openssh-clients-5.3p1-117.el6.x86_64
openssh-server-5.3p1-117.el6.x86_64
Openssh-askpass-5.3p1-117.el6.x86_64
[[email protected] ~]#
2####################################### ########################
Download software to official website
zlib-1.2.11.tar.gz
openssl-1.0.2o.tar.gz
openssh-7.7p1.tar.gz
Upload to/tmp
3################################################################
Install zlib
cd/tmp
TAR-ZXVF zlib-1.2.11.tar.gz
CD zlib-1.2.11
./configure--prefix=/usr/local/zlib
Make
make install
4################################################################
OpenSSL upgrade
#rpm-e Rpm-qa|grep OpenSSL --nodeps (uninstall OpenSSL, can not do)
Mv/etc/ssl/etc/ssl.bak (does not exist after uninstallation)
TAR-ZXVF openssl-1.0.2o.tar.gz
CD OPENSSL-1.0.2O
./config Shared--prefix=/usr/local/ssl--openssldir=/usr/local/ssl
make&& make Install
Mv/usr/bin/openssl/usr/bin/openssl.lod (does not exist after uninstallation)
Mv/usr/include/openssl/usr/include/openssl.old (does not exist after uninstallation)
Ln-s/usr/local/ssl/bin/openssl/usr/bin/openssl
Ln-s/usr/local/ssl/include/openssl//usr/include/openssl
echo "/usr/local/ssl/lib" >>/etc/ld.so.conf
echo "/usr/local/ssl//lib64" >>/etc/ld.so.conf
Ln-s/usr/local/ssl/lib/libssl.so.1.0.0/usr/lib64/libssl.so.1.0.0
Ln-s/usr/local/ssl/lib/libcrypto.so.1.0.0/usr/lib64/libcrypto.so.1.0.0
Ldconfig-v
OpenSSL version-a #查看OpenSSL版本
5#################################################################
OpenSSH upgrade
Rpm-e ' Rpm-qa|grep openssh '--nodeps (uninstall OpenSSH)
TAR-ZXVF openssh-7.7p1.tar.gz
CD OPENSSH-7.7P1
./configure--prefix=/usr/local/openssh--with-ssl-dir=/usr/local/ssl--with-zlib=/usr/local/zlib
Make && make install
Cp-r/etc/ssh/etc/sshold
Cp/tmp/openssh-7.7p1/contrib/redhat/sshd.init/etc/init.d/sshd
Chkconfig--add sshd
Cp/usr/local/openssh/etc/sshd_config/etc/ssh/sshd_config
Cp/usr/local/openssh/sbin/sshd/usr/sbin/sshd
Cp/usr/local/openssh/bin/ssh/usr/bin/ssh
Cp/usr/local/openssh/bin/ssh-keygen/usr/bin/ssh-keygen
Cp/usr/local/openssh/etc/ssh_host_ecdsa_key.pub/etc/ssh/ssh_host_ecdsa_key.pub (Resolve restart sshd error:/sbin/restorecon: Lstat (/etc/ssh/ssh_host_ecdsa_key.pub) failed:no such file or directory)
Vi/etc/ssh/sshd_config (see if the path followed by SFTP is correct)
Subsystem Sftp/usr/local/openssh/libexec/sftp-server
6###################### #默认root不能远程ssh登录, need su, the following configuration root remote can log in
Vi/etc/ssh/sshd_config
Passwordauthentication Yes
Permitrootlogin Yes
Vi/etc/init.d/sshd
In $sshd $OPTIONS && Success | | Add the following line above failure
Options= "-f/etc/ssh/sshd_config"
7############################ #查看版本
Service sshd Restart
[Email protected] tmp]# ssh-v
OPENSSH_7.7P1, OpenSSL 1.0.2o Mar 2018
LINUX-OPENSSH upgrade to the latest version (OPENSSH-7.7P1.TAR.GZ)