OpenSSH 升级
OpenSSH 升级版本到最新(OpenSSH_8.7p1)
1.依赖软件包:
yum install wget gcc -y
yum install -y zlib-devel openssl-devel
yum install pam-devel libselinux-devel zlib-devel openssl-devel -y
2.下载安装包 openssh-8.7p1.tar.gz 上传至服务器或 wget 直接下载
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.7p1.tar.gz
3.删除低版本OpenSSH的的rpm包
rpm -e --nodeps `rpm -qa | grep openssh`
4.安装openssh
解压
tar -zxvf openssh-8.7p1.tar.gz cd openssh-8.7p1
配置
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-tcp-wrappers --with-ssl-dir=/usr/local/ssl --without-hardening
编译安装
make make install
赋权
chmod 600 /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key
复制配置文件
cp -a contrib/redhat/sshd.init /etc/init.d/sshd cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam chmod u+x /etc/init.d/sshd
设置允许root用户远程登录
vim /etc/ssh/sshd_config
- 去掉注释 #PermitRootLogin prohibit-password 并把prohibit-password改为yes;
- 去掉注释 #PasswordAuthentication yes 变为 PasswordAuthentication yes。
- 去掉注释 #PermitRootLogin prohibit-password 并把prohibit-password改为yes;
添加添加自启服务ssh到开机启动项
chkconfig --add sshd chkconfig sshd on
重启服务
systemctl restart sshd systemctl status sshd
5.查看安装结果
ssh -V