查看当前版本
ssh -V
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
有漏洞需要升级
编译所需工具包
yum install gcc pam-devel zlib-devel
安装telnet服务 //防止远程ssh升级失败
yum -y install telnet-server* telnet
vim /etc/xinetd.d/telnet
将disable字段的yes改为no以启用telnet服务
mv /etc/securetty /etc/securetty.old #允许root用户通过telnet登录
service xinetd start #启动telnet服务
chkconfig xinetd on #使telnet服务开机启动
通过telnet登录远程主机操作
telnet x.x.x.x
输入账号密码即可登录
备份现在的ssh
mv /etc/ssh /etc/old_ssh
mkdir /usr/bin/old_ssh
cd /usr/bin/
cp ssh* scp sftp old_ssh
cd /usr/sbin
mv sshd old_sshd
mv /etc/init.d/sshd /etc/init.d/baksshd
wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.2p1.tar.gz
cd openssh-8.2p1
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-md5-passwords
make
make install
echo 'X11Forwarding yes' >> /etc/ssh/sshd_config
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config #允许root用户通过ssh登录
cp -p contrib/redhat/sshd.init /etc/init.d/sshd
chmod +x /etc/init.d/sshd
chkconfig --add sshd
chkconfig sshd on
chkconfig --list sshd
service sshd restart
如果启动失败
sshd无法启动,查看/var/log/secure里发现:fatal: daemon() failed: No such device
解决办法:
rm /dev/null
mknod /dev/null c 1 3
chmod 666 /dev/null
再查看升级是否成功
ssh -V
OpenSSH_8.2p1, OpenSSL 1.0.1e-fips 11 Feb 2013