OpenSSH Smooth upgrade to 6.1 operation steps

Smooth upgrade OpenSSH

I. Description of the Environment

1) Operating system: CentOS 5.5 64-bit

2) OpenSSH version: Openssh-4.3p2-41.el5

3) OpenSSH upgrade version: OPENSSH_6.1P1 (source installation)

4) Connection Tool Xshell 4

Second, install dropbear instead of OpenSSH

1) Download Dropbear installation package

https://matt.ucc.asn.au/dropbear/releases/dropbear-2014.66.tar.bz2

2) Check the installation dependency package

Yum Install zlib* gcc make

3) Compile and install Dropbear

# tar jxf dropbear-2014.66.tar.bz2

# CD dropbear-2014.66

#./configure

# Make && make install

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsaf7e.tmp "border=" 0 "alt=" wpsaf7e.tmp "src=" http://s3.51cto.com/wyfs02/M01/56/B6/ Wkiol1sk7zajjmdvaabdqjyoeq4770.jpg "width=" 244 "height="/>

Check that the resulting file is correct:

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsaf8f.tmp "border=" 0 "alt=" wpsaf8f.tmp "src=" http://s3.51cto.com/wyfs02/M02/56/B6/ Wkiol1sk7zrxwi39aaapk2krzb0915.jpg "width=" 244 "height="/>

4) Generate certificate

#/usr/local/bin/dropbearkey-t Dss-f/etc/dropbear/dropbear_dss_host_key

#/usr/local/bin/dropbearkey-t Rsa-s 4096-f/etc/dropbear/dropbear_rsa_host_key

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsafa0.tmp "border=" 0 "alt=" wpsafa0.tmp "src=" http://s3.51cto.com/wyfs02/M00/56/B6/ Wkiol1sk7zribzi9aabsv6kwegs481.jpg "width=" 244 "height="/>

650) this.width=650; "Style=" background-image:none; border-right-0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsafb0.tmp "border=" 0 "alt=" wpsafb0.tmp "src=" http://s3.51cto.com/wyfs02/M01/56/B6/ Wkiol1sk7zqb8h-aaabihbrt_ce081.jpg "width=" 244 "height="/>

5) Start Dropbear

#/usr/local/sbin/dropbear-p 2222//Monitor 2222 port

To see if the startup was successful:

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsafb1.tmp "border=" 0 "alt=" wpsafb1.tmp "src=" http://s3.51cto.com/wyfs02/M02/56/B6/ Wkiol1sk7zqcdcdyaabvjlk2aam071.jpg "width=" 244 "height="/>

Third, upgrade sshd to OpenSSH-6.1 and delete the old version of SSH

1) Pre-upgrade preparation

See if a package is missing

# Rpm-qa | Egrep "Gcc|openssl|openssl-devel|make|perl|pam|pam-devel"

If you have a yum configuration, you can install these packages directly from Yum, so that you can check whether they are loaded or not installed directly.

Yum-y install gcc* make OpenSSL openssl-devel perl Pam Pam-devel

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsafc2.tmp "border=" 0 "alt=" wpsafc2.tmp "src=" http://s3.51cto.com/wyfs02/M00/56/B6/ Wkiol1sk7zrwbcgxaabky7zprz4038.jpg "width=" 244 "height=" 189 "/>

2) Download openssh-6.1p1.tar.gz

Http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-6.1p1.tar.gz

Backup ssh:

# Mv/etc/ssh/etc/ssh.bak

# OpenSSL Version-a

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsafd2.tmp "border=" 0 "alt=" wpsafd2.tmp "src=" http://s3.51cto.com/wyfs02/M01/56/B6/ Wkiol1sk7zutks-4aaa6rzaharm410.jpg "width=" 244 "height=" "/>"
3) Compile and install the new version OpenSSH

# tar zxf openssh-6.1p1.tar.gz && CD OPENSSH-6.1P1
#./configure--prefix=/usr--sysconfdir=/etc/ssh--with-pam--with-zlib--with-md5-passwords
# make

Uninstall the old version of OpenSSH first, then make the install

# Rpm-qa | grep OpenSSH
# rpm-e ' Rpm-qa | grep OpenSSH '

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsafd3.tmp "border=" 0 "alt=" wpsafd3.tmp "src=" http://s3.51cto.com/wyfs02/M02/56/B6/ Wkiol1sk7zuypcljaabl99izt7a890.jpg "width=" 244 "height=" "/>"

Openssh-askpass is used to enter the password in the graphical interface, do not need to install

# make Install

4) See if you are upgrading to a new version

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsafd4.tmp "border=" 0 "alt=" wpsafd4.tmp "src=" http://s3.51cto.com/wyfs02/M00/56/B6/ Wkiol1sk7zvxpzcgaaak6y4ubaw873.jpg "width=" 244 "height="/>

5) Copy the startup script to/etc/init.d

# cp/root/openssh-6.1p1/contrib/redhat/sshd.init/etc/init.d/sshd

Add to start

# chkconfig--add sshd

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsafd5.tmp "border=" 0 "alt=" wpsafd5.tmp "src=" http://s3.51cto.com/wyfs02/M01/56/B6/ Wkiol1sk7zuhdosnaaahokhxaii166.jpg "width=" 244 "height="/>

6) Start the sshd with start or reload. Do not Restart,restart will be disconnected directly, and will not continue to start the sshd service, this time to enter the machine by other means, and then start the sshd service.

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsafd6.tmp "border=" 0 "alt=" wpsafd6.tmp "src=" http://s3.51cto.com/wyfs02/M02/56/B6/ Wkiol1sk7zvisjnuaaaswbjf_bs355.jpg "width=" 244 "height=" "/>"

Iv. deletion of Dropbear.

Re-open a label in the Xshell,

Here dropbear is used to prevent the upgrade from being unsuccessful and to replace the OpenSSH connection server.

In case of opening port 2222 (dropbear boot port, you can set other), the way to connect via Xshell is:

xshell:\> ssh 192.168.4.1 2222 (192.168.4.1 is the server IP that needs to be connected)

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsafe7.tmp "border=" 0 "alt=" wpsafe7.tmp "src=" http://s3.51cto.com/wyfs02/M00/56/B6/ Wkiol1sk7zuyqmleaaaff7og9p8119.jpg "width=" 244 "height=" "/>

Delete dropbear installed files and kill the process

# rm-rf/etc/dropbear//usr/local/sbin/dropbear/usr/local/bin/dropbear*

650) this.width=650; "Style=" background-image:none; border-right-0px; margin:0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsaff8.tmp "border=" 0 "alt=" wpsaff8.tmp "src=" http://s3.51cto.com/wyfs02/M01/56/B6/ Wkiol1sk7zutlaiaaaa2q-sjgao404.jpg "width=" 244 "height=" "/>

650) this.width=650; "Style=" background-image:none; border-right-0px; padding-left:0px; padding-right:0px; border-top-width:0px; border-bottom-width:0px; border-left-width:0px; padding-top:0px "title=" wpsaff9.tmp "border=" 0 "alt=" wpsaff9.tmp "src=" http://s3.51cto.com/wyfs02/M02/56/B6/ Wkiol1sk7zyzzmy4aaahlx-ysem099.jpg "width=" 244 "height="/>

OpenSSH Smooth upgrade to 6.1 operation steps