How to smoothly Upgrade OpenSSH to 6.1

How to smoothly Upgrade OpenSSH to 6.1

Smooth upgrade of openssh

I. Environment Description

1) Operating System: CentOS 5.5 64-bit

2) Openssh version: openssh-4.3p2-41.el5

3) Openssh version after upgrade: OpenSSH_6.1p1 (source code installation)

4) Connection Tool xshell 4

Ii. Install Dropbear instead of OpenSSH

1) download the dropbear installation package

Https://matt.ucc.asn.au/dropbear/releases/dropbear-2014.66.tar.bz2

2) Check the installation dependency package

Yum install zlib * gcc make

3) Compile and install dropbear

# Tar jxf dropbear-2014.66.tar.bz2

# Cd dropbear-2014.66

#./Configure

# Make & make install

Check whether the generated file is correct:

4) generate a certificate

#/Usr/local/bin/dropbearkey-t dss-f/etc/dropbear/dropbear_dss_host_key

#/Usr/local/bin/dropbearkey-t rsa-s 4096-f/etc/dropbear/dropbear_rsa_host_key

5) Start dropbear

#/Usr/local/sbin/dropbear-p 2222 // listen to port 2222

Check whether startup is successful:

3. Upgrade sshd to OpenSSH-6.1 and delete old version ssh

1) preparations before Upgrade

Check whether the package is missing

# Rpm-qa | egrep "gcc | openssl-devel | make | perl | pam-devel"

If you have configured yum, you can directly install these packages using yum to check whether the packages are installed.

Yum-y install gcc * make openssl-devel perl pam-devel

2. Download openssh-6.1p1.tar.gz

Http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-6.1p1.tar.gz

Back up ssh:

# Mv/etc/ssh. bak

# Openssl version-

3) Compile and install the new openssh version.

# Tar zxf openssh-6.1p1.tar.gz & cd openssh-6.1p1

#./Configure -- prefix =/usr -- sysconfdir =/etc/ssh -- with-pam -- with-zlib -- with-md5-passwords

# Make

Uninstall the old version of openssh and then make install

# Rpm-qa | grep openssh

# Rpm-e 'rpm-qa | grep openssh'

Openssh-askpass is used to enter a password in the graphic interface.

# Make install

4) Check whether to upgrade to the new version.

5) copy the startup script to/etc/init. d.

# Cp/root/openssh-6.1p1/contrib/RedHat/sshd. init/etc/init. d/sshd

Add to startup

# Chkconfig -- add sshd

6) start sshd and use start or reload. Do not restart. restart will disconnect directly, but will not start the sshd service. In this case, you need to enter the machine through other channels and then start the sshd service.

4. Delete dropbear.

Open another tag in xshell,

Here, Dropbear is used to prevent the upgrade from being successful and replace openssh to connect to the server.

When port 2222 is enabled (the port at which dropbear is started can be set to another), The xshell connection method is as follows:

Xshell: \> ssh 192.168.4.1 2222 (192.168.4.1 is the ip address of the server to be connected)

Delete the dropbear file and kill the process.

# Rm-rf/etc/dropbear // usr/local/sbin/dropbear/usr/local/bin/dropbear *

Provides FTP + SSL/TLS authentication through OpenSSL and implements secure data transmission.

Analysis of encryption algorithms and OpenSSL for OpenSSH

Install and configure OpenSSH in Ubuntu Server 13.10

Install OpenSSH remotely on Ubuntu

Solve the latency problem during remote login through OpenSSH

Offline installation of OpenSSH in Ubuntu 12.10

OpenSSH upgrade steps and precautions

Solutions for failures of common OpenSSH users

General thread: OpenSSH key management, Part 1 Understanding RSA/DSA authentication

Install OpenSSH and configure the sftp lock directory for RedHat

OpenSSL details: click here
OpenSSL: click here

This article permanently updates the link address: