CentOS 6.8升级 ssh到最新版SSH-8.2p1

/ 0评 / 10

查看当前版本

ssh -V
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013

有漏洞需要升级

编译所需工具包
yum install gcc pam-devel zlib-devel

安装telnet服务 //防止远程ssh升级失败
yum -y install telnet-server* telnet

vim /etc/xinetd.d/telnet
将disable字段的yes改为no以启用telnet服务

mv /etc/securetty /etc/securetty.old #允许root用户通过telnet登录
service xinetd start #启动telnet服务
chkconfig xinetd on #使telnet服务开机启动

通过telnet登录远程主机操作

telnet x.x.x.x

输入账号密码即可登录

备份现在的ssh

mv /etc/ssh /etc/old_ssh
mkdir /usr/bin/old_ssh
cd /usr/bin/
cp ssh* scp sftp old_ssh
cd /usr/sbin
mv sshd old_sshd
mv /etc/init.d/sshd /etc/init.d/baksshd

wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.2p1.tar.gz

cd openssh-8.2p1

./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-md5-passwords
make
make install

echo 'X11Forwarding yes' >> /etc/ssh/sshd_config
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config #允许root用户通过ssh登录
cp -p contrib/redhat/sshd.init /etc/init.d/sshd
chmod +x /etc/init.d/sshd
chkconfig --add sshd
chkconfig sshd on
chkconfig --list sshd
service sshd restart

如果启动失败

sshd无法启动,查看/var/log/secure里发现:fatal: daemon() failed: No such device

解决办法:

rm /dev/null
mknod /dev/null c 1 3
chmod 666 /dev/null

再查看升级是否成功

ssh -V
OpenSSH_8.2p1, OpenSSL 1.0.1e-fips 11 Feb 2013

发表评论

邮箱地址不会被公开。 必填项已用*标注