[关闭]
@dooy 2016-10-19T14:37:51.000000Z 字数 2082 阅读 184

openssh 升级至7.3

安装

注意 ssh7 不允许root远程登录

1.准备工作

下载

wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.3p1.tar.gz
wget https://www.openssl.org/source/openssl-1.0.2h.tar.gz
wget https://sourceforge.net/projects/libpng/files/zlib/1.2.8/zlib-1.2.8.tar.gz --no-check-certificate

2. dropbear 安装 怕ssh有问题

下载最新:https://matt.ucc.asn.au/dropbear/releases/

  1. tar xf dropbear-2015.71.tar.bz2
  2. cd dropbear-2015.71
  3. ./configure
  4.  make && make install
  5. /usr/local/bin/dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key
  6. /usr/local/bin/dropbearkey -t rsa -s 4096 -f /etc/dropbear/dropbear_rsa_host_key
  7. /usr/local/sbin/dropbear -p 2222

打开端口 2222 的防火墙

3.安装 zlib openssl openssh

  1. tar xf zlib-1.2.8.tar.gz 
  2. cd zlib-1.2.8
  3. ./configure --prefix=/usr/local/zlib
  4. make && make install
  5. cd ../
  6. tar xf openssl-1.0.2h.tar.gz 
  7. cd openssl-1.0.2h
  8. ./config --prefix=/usr/local/openssl
  9. make && make install
  10. cd ../
  11. tar xf  openssh-7.3p1.tar.gz 
  12. cd openssh-7.3p1
  13. #如果需要修改显示信息找到 sshd.c 找到
  14. ./configure --prefix=/usr/local/openssh --sysconfdir=/usr/local/openssh/etc --with-pam --with-ssl-dir=/usr/local/openssl --with-md5-passwords --mandir=/usr/share/man --with-zlib=/usr/local/zlib
  15. make && make install
  17. mv /etc/init.d/sshd /etc/init.d/sshd_bak
  18. touch /usr/local/openssh/etc/ssh_host_key.pub
  19. cp contrib/redhat/sshd.init /etc/init.d/sshd 
  20. #参考 后面 修改 sshd中的内容
  22. chmod +x /etc/init.d/sshd
  23. /etc/init.d/sshd restart

将/etc/init.d/sshd 的内容

SSHD=/usr/sbin/sshd
/usr/bin/ssh-keygen -A
/sbin/restorecon /etc/ssh/ssh_host_key.pub
/sbin/restorecon /etc/ssh/ssh_host_rsa_key.pub
/sbin/restorecon /etc/ssh/ssh_host_dsa_key.pub
/sbin/restorecon /etc/ssh/ssh_host_ecdsa_key.pub

修改为:

SSHD=/usr/local/openssh/sbin/sshd
/usr/local/openssh/bin/ssh-keygen -A
/sbin/restorecon /usr/local/openssh/etc/ssh_host_key.pub
/sbin/restorecon /usr/local/openssh/etc/ssh_host_rsa_key.pub
/sbin/restorecon /usr/local/openssh/etc/ssh_host_dsa_key.pub
/sbin/restorecon /usr/local/openssh/etc/ssh_host_ecdsa_key.pub

参考

http://www.cnblogs.com/Before/p/5522560.html
http://www.linuxidc.com/Linux/2014-12/110466.htm
http://www.cnblogs.com/dieangel/p/5953800.html
http://zhidao.baidu.com/link?url=x5StXsConQmtBvZiSPJDuIbfzvnM2XGrkAu3MW4FZX-rHyJX8S8gmG5lX50ro-Yz1DLx6zoGuBg_pyKUI45iYITiY-TsmZsp-tBU_ypA8HO

添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注