http://blog.csdn.net/levy\_cui/article/details/53100315

levy_cui (花名:白起)

科技改变世界，技术改变人生。

目录视图
摘要视图
订阅

【获奖公布】“我的2016”主题征文活动程序猿全指南，让【移动开发】更简单！【观点】移动原生App开发和HTML 5开发，你更看好哪个？博客的神秘功能

CentOS openssh升级到openssh-7.2版本

2016-11-09 15:25 1340人阅读评论(13) 收藏举报

分类：

LINUX（57）

安全部门漏洞检查，让升级openssh版本，升级操作不复杂，但毕竟是线上环境，主要注意如果你是通过ssh远程升级ssh版本，万一失败了，ssh不上去，是否可以到现场处理。

环境：

cat /etc/issue

CentOS release 6.5 (Final)

ssh -V

OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013

openssl version -a
OpenSSL 1.0.1e-fips 11 Feb 2013

一、准备
备份ssh目录(重要)
cp -rf /etc/ssh /etc/ssh.bak

【可以现场处理的，不用设置
安装telnet，避免ssh升级出现问题，导致无法远程管理
yum install telnet-server

vi /etc/xinetd.d/telnet
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
disable = no
}

默认不允许root登录

vi /etc/securetty
增加
pts/0
pts/1
pts/2
如果登录用户较多，需要更多的pts/*

/etc/init.d/xinetd restart
这样root可以telnet登录了

ssh升级后建议再修改回还原设置
】

二、安装
升级需要几个组件
yum install -y gcc openssl-devel pam-devel rpm-build

现在新版本，目前是openssh-7.3最新，但刚刚出来，为保险，我选用7.2版本
wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.3p1.tar.gz
wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.2p1.tar.gz
wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.1p1.tar.gz

解压升级包，并安装
tar -zxvf openssh-7.2p1.tar.gz
cd openssh-7.2p1
./configure —prefix=/usr —sysconfdir=/etc/ssh —with-pam —with-zlib —with-md5-passwords —with-tcp-wrappers
make && make install

安装后提示：
/etc/ssh/ssh_config already exists, install will not overwrite
/etc/ssh/sshd_config already exists, install will not overwrite
/etc/ssh/moduli already exists, install will not overwrite
ssh-keygen: generating new host keys: ECDSA ED25519
/usr/sbin/sshd -t -f /etc/ssh/sshd_config
/etc/ssh/sshd_config line 81: Unsupported option GSSAPIAuthentication
/etc/ssh/sshd_config line 83: Unsupported option GSSAPICleanupCredentials

修改配置文件,允许root登录

vi /etc/ssh/sshd_config
#PermitRootLogin yes
修改为
PermitRootLogin yes

命令：
sed -i ‘/^#PermitRootLogin/s/#PermitRootLogin yes/PermitRootLogin yes/‘ /etc/ssh/sshd_config

重启openSSH
service sshd restart

升级后版本
ssh -V
OpenSSH_7.2p1, OpenSSL 1.0.1e-fips 11 Feb 2013

【
如果之前你将原ssh目录修改名字
mv /etc/ssh /etc/ssh_bak

需要修改下配置：
修改配置文件,禁止root登录
sed -i ‘/^#PermitRootLogin/s/#PermitRootLogin yes/PermitRootLogin no/‘ /etc/ssh/sshd_config

可以不操作，禁止dns解析
sed -i ‘/^#UseDNS yes/s/#UseDNS yes/UseDNS no/‘ /etc/ssh/sshd_config

可以不操作默认是22，修改ssh端口至6022
echo “Port 6022” >> /etc/ssh/sshd_config
】

注:在升级SSH时你的SSH是不会因为升级或重启服务而断掉的.

问题1：
[root@testserver2 tmp]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: /etc/ssh/sshd_config line 81: Unsupported option GSSAPIAuthentication
/etc/ssh/sshd_config line 83: Unsupported option GSSAPICleanupCredentials [ OK ]

解决：
将/etc/ssh/sshd_config文件中以上行数内容注释下即可

sed -i ‘/^GSSAPICleanupCredentials/s/GSSAPICleanupCredentials yes/#GSSAPICleanupCredentials yes/‘ /etc/ssh/sshd_config
sed -i ‘/^GSSAPIAuthentication/s/GSSAPIAuthentication yes/#GSSAPIAuthentication yes/‘ /etc/ssh/sshd_config
sed -i ‘/^GSSAPIAuthentication/s/GSSAPIAuthentication no/#GSSAPIAuthentication no/‘ /etc/ssh/sshd_config

问题2：
更新后ssh有如下提示，但不影响使用：
[root@testserver2 tmp]# ssh 10.111.32.51
/etc/ssh/ssh_config line 50: Unsupported option “gssapiauthentication”

解决：
可以注释/etc/ssh/ssh_config的gssapiauthentication内容

-————————————————————————————————————————————-

CentOS7升级openssh参考这里的内容

本次使用源码安装（系统需要gcc），各软件版本如下：

zlib-1.2.8
openssl-1.0.2h
openssh-7.3p1

安装步骤如下：

1、安装zlib
[root@CentOS7test ~]# cd zlib-1.2.8/
[root@CentOS7test zlib-1.2.8]# ./configure
[root@CentOS7test zlib-1.2.8]# make
[root@CentOS7test zlib-1.2.8]# make install

2、安装openssl
[root@CentOS7test ~]# cd openssl-1.0.2h/
[root@CentOS7test openssl-1.0.2h]# ./config —prefix=/usr/ —shared
[root@CentOS7test openssl-1.0.2h]# make
[root@CentOS7test openssl-1.0.2h]# make install

3、安装openssh
[root@CentOS7test ~]# cd openssh-7.3p1/
[root@CentOS7test openssh-7.3p1]# ./configure —prefix=/usr/local —sysconfdir=/etc/ssh —with-pam —with-zlib —with-md5-passwords —with-tcp-wrappers
[root@CentOS7test openssh-7.3p1]# make
[root@CentOS7test openssh-7.3p1]# make install

4、查看版本是否已更新
[root@CentOS7test openssh-7.3p1]# ssh -V
OpenSSH_7.3p1, OpenSSL 1.0.2h 3 May 2016

5、新介质替换原有内容
[root@CentOS7test openssh-7.3p1]# mv /usr/bin/ssh /usr/bin/ssh_bak
[root@CentOS7test openssh-7.3p1]# cp /usr/local/bin/ssh /usr/bin/ssh
[root@CentOS7test openssh-7.3p1]# mv /usr/sbin/sshd /usr/sbin/sshd_bak
[root@CentOS7test openssh-7.3p1]# cp /usr/local/sbin/sshd /usr/sbin/sshd

6-加载ssh配置重启ssh服务
[root@CentOS7test ~]# systemctl daemon-reload
[root@CentOS7test ~]# systemctl restart sshd.service

7、遇到的问题解决

问题1：
安装完成后，telnet 22端口不通，通过systemctl status sshd.service查看发现有警告信息
部分信息如Permissions 0640 for ‘/etc/ssh/ssh_host_ecdsa_key’ are too open

修正：
修改相关提示文件的权限为600，并重启sshd服务（systemctl restart sshd.service）
查看服务状态（systemctl status sshd.service）
例：chmod 600 /etc/ssh/ssh_host_ecdsa_key

问题2：
安装完成后，如需root直接登录

修正：
修改/etc/ssh/sshd_config文件，将文件中#PermitRootLogin yes改为PermitRootLogin yes
并重启sshd服务
升级后验证

问题3：

如果你使用了jenkins进行部署，升级后会影响jenkins部署，测试连接web端会报错 Algorithm negotiation fail

修正：

在web端修改sshd_config文件最后一行增加以下内容

KexAlgorithms diffie-hellman-group1-sha1,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

参考：http://stackoverflow.com/questions/32627998/algorithm-negotiation-fail-in-jenkins

-——————————————————————————————-

【临时修改版本号，运行很久的线上环境升级存在风险，如果可以的话只修改版本号吧（后期经过验证，这种修改版本号的方法无效，ssh -v IP可以查看版本）
查询
ssh -V
sshd -V

备份

cp /usr/bin/ssh /usr/bin/ssh.bak.version_edit
cp /usr/sbin/sshd /usr/sbin/sshd.bak.version_edit

修改

sed -i ‘s#OpenSSH_5.3p1#OpenSSH_7.2p1#g’ /usr/bin/ssh
sed -i ‘s#OpenSSH_5.3p1#OpenSSH_7.2p1#g’ /usr/sbin/sshd

】

补充汇总下：

centos7.X主机升级ssh
cp /usr/bin/ssh /usr/bin/ssh.bak.20161124
cp /usr/sbin/sshd /usr/bin/sshd.bak.20161124
mv /etc/ssh /etc/ssh.bak
-—下载包、安装gcc 、编译等中间步骤参上边内容—-
make && make install
/usr/sbin/sshd -t -f /etc/ssh/sshd_config
echo ‘PermitRootLogin yes’ >> /etc/ssh/sshd_config

cp /etc/ssh.bak/sshd_config /etc/ssh/sshd_config 将原来的文件覆盖下这个新生成的内容

/bin/systemctl restart sshd.service

centos6.X升级ssh
cp /usr/bin/ssh /usr/bin/ssh.bak.20161124
cp /usr/sbin/sshd /usr/bin/sshd.bak.20161124
cp -rf /etc/ssh /etc/ssh.bak
-—下载包、安装gcc 、编译等中间步骤参上边内容—-
make && make install
sed -i ‘/^#PermitRootLogin/s/#PermitRootLogin yes/PermitRootLogin yes/‘ /etc/ssh/sshd_config
sed -i ‘/^GSSAPICleanupCredentials/s/GSSAPICleanupCredentials yes/#GSSAPICleanupCredentials yes/‘ /etc/ssh/sshd_config
sed -i ‘/^UsePAM/s/UsePAM yes/#UsePAM yes/‘ /etc/ssh/sshd_config
sed -i ‘/^GSSAPIAuthentication/s/GSSAPIAuthentication yes/#GSSAPIAuthentication yes/‘ /etc/ssh/sshd_config
sed -i ‘/^GSSAPIAuthentication/s/GSSAPIAuthentication no/#GSSAPIAuthentication no/‘ /etc/ssh/sshd_config
service sshd restart

附录：

CentOS7 sshd_config配置内容

[python] view plain copy 在CODE上查看代码片派生到我的代码片

# $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/usr/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Ciphers and keying
#RekeyLimit default none
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don’t trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don’t read the user’s ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
#KerberosUseKuserok yes
# GSSAPI options
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
#GSSAPIEnablek5users no
# Set this to ‘yes’ to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of “PermitRootLogin without-password”.
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to ‘no’.
# WARNING: ‘UsePAM no’ is not supported in Red Hat Enterprise Linux and may cause several
# problems.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server

CentOS6 sshd_config配置内容

[python] view plain copy 在CODE上查看代码片派生到我的代码片

# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedKeysCommand none
#AuthorizedKeysCommandRunAs nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don’t trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don’t read the user’s ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
#KerberosUseKuserok yes
# GSSAPI options
#GSSAPICleanupCredentials yes
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
# Set this to ‘yes’ to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of “PermitRootLogin without-password”.
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to ‘no’.
#UsePAM no
UsePAM yes
# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
UseDNS no
#GSSAPIAuthentication no
#GSSAPIAuthentication yes

20161205补充：

实际使用中发现ansible和jenkins使用时有些问题，网上查询了下，需要在/etc/ssh/sshd_config文件中最后增加两行：

[python] view plain copy 在CODE上查看代码片派生到我的代码片

Ciphers aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc,arcfour128,arcfour256,arcfour,blowfish-cbc,cast128-cbc
KexAlgorithms diffie-hellman-group1-sha1,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

因为升级了openssh太新导致通信时加密算法出现问题，加上后重启就可以了。

参考：
http://blog.c1gstudio.com/archives/1474

https://www.douban.com/note/306958442/

http://www.cnblogs.com/elisun/p/5523696.html

顶

踩

上一篇mapreduce中MAP数量如何控制？
下一篇使用python对中文文档进行词频统计

我的同类文章

LINUX（57）

•tomcat、nginx压力测试方法2017-01-13阅读**6**
•linux内核参数优化2016-12-30阅读**72**
•CentOS6安装NFS HA架构部署(NFS + Heartbeat + DRBD)2016-12-14阅读**134**
•通过tune2fs释放 Linux 系统预留的硬盘空间2016-11-21阅读**117**
•CentOS6.5下supervisor 3.0安装与使用2016-10-25阅读**190**
•tomcat7的安装与配置2017-01-10阅读**11**
•Linux centOS系统备份还原(dd+rsync方式)2016-12-23阅读**88**
•linux iptables规则的查看、添加、删除和修改2016-11-24阅读**38**
•shc对Shell脚本加密方法及问题处理2016-10-26阅读**243**
•yum安装包时出现is a duplicate with2016-07-29阅读**126**

核心技术类目

全部主题 Hadoop AWS 移动游戏 Java Android iOS Swift 智能硬件 Docker OpenStack VPN Spark ERP IE10 Eclipse CRM JavaScript 数据库 Ubuntu NFC WAP jQuery BI HTML5 Spring Apache .NET API HTML SDK IIS Fedora XML LBS Unity Splashtop UML components Windows Mobile Rails QEMU KDE Cassandra CloudStack FTC coremail OPhone CouchBase 云计算 iOS6 Rackspace Web App SpringSide Maemo Compuware 大数据 aptech Perl Tornado Ruby Hibernate ThinkPHP HBase Pure Solr Angular Cloud Foundry Redis Scala Django Bootstrap

个人资料
levy_cui
- 访问：124747次
- 积分：2041
- 等级：
- 排名：第15352名
- 原创：348篇
- 转载：21篇
- 译文：0篇
- 评论：58条
文章搜索
文章分类
HADOOP(71)
Python(34)
系统运维(61)
大数据(11)
机器学习(8)
分析报告(2)
LINUX(58)
Mysql/postgreSQL(17)
Oracle(25)
WINDOWS(12)
虚拟化(4)
SQLServer(1)
NOSQL(1)
爬虫(3)
Spark(6)
Ubuntu(6)
Flume(2)
Java(8)
Zookeeper(2)
CDH(19)
ambari(15)
storm(4)
kafka(7)
Redis(8)
ganglia(2)
Hive(20)
Hbase(4)
nagios(1)
自我修养(5)
中间件(0)
jenkins(4)
azkaban(1)
docker(1)
kylin(1)
文章存档
- 2017年01月(5)
- 2016年12月(9)
- 2016年11月(10)
- 2016年10月(8)
- 2016年09月(11)
  
  展开
阅读排行
使用pip安装tensorflow 0.80，python 使用tensorflow 0.80遇到的问题及处理方法(7914)
使用office365.com进行SMTP邮件转发(3285)
windows 2008 配置安装FTP服务器(3255)
Anaconda和Pycharm安装和配置教程(3225)
Windows Server 2008R2 设置SMTP邮件转发服务(3145)
linux kvm虚拟机使用(3131)
RHEL正版授权yum注册方法(2863)
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure(2826)
离线安装Cloudera Manager5.3.4与CDH5.3.4(2558)
CDH管理界面查看各框架的版本（hive为例）(2237)
评论排行
使用pip安装tensorflow 0.80，python 使用tensorflow 0.80遇到的问题及处理方法(15)
CentOS openssh升级到openssh-7.2版本(13)
升级ambari、HDP版本（ambari 2.1升级到2.4、HDP2.3升级到2.5）(5)
博客搬至CSDN 完成(4)
程序员什么时候该考虑辞职(3)
python数据分析1:获取双色球历史信息(2)
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure(2)
linux下Oracle显示中文乱码(2)
hadoop2.6.0 + Azkaban2.5.0 任务调度系统实践(2)
专注做事(1)
推荐文章
- * 而立之年——三线城市程序员的年终告白
- * Java集合框架中隐藏的设计套路
- * Python脚本下载今日头条视频(附加Android版本辅助下载器)
- * 人工智能的冷思考
- * React Native 实战系列教程之热更新原理分析与实现
最新评论
使用pip安装tensorflow 0.80，python 使用tensorflow 0.80遇到的问题及处理方法

fan_fan_feng:谢了。
使用pip安装tensorflow 0.80，python 使用tensorflow 0.80遇到的问题及处理方法

levy_cui:@deadwangyue:参考下https://bugs.debian.org/cgi-bin/bu…
使用pip安装tensorflow 0.80，python 使用tensorflow 0.80遇到的问题及处理方法

levy_cui:@deadwangyue:首先看看环境一直吗？是安装一步步操作的吗？
CentOS openssh升级到openssh-7.2版本

levy_cui:@qq_30129953:我觉得是不是需要把之前的ssl目录mv到其他位置之后编译安装ssl
使用pip安装tensorflow 0.80，python 使用tensorflow 0.80遇到的问题及处理方法

deadwangyue:hi，楼下，我在安装glibc2.17的时候make过不了gconv_db.c Error…
CentOS openssh升级到openssh-7.2版本

qq_30129953:你就是我网上搜的o.o 问了别人说是ssh密钥没更新什么的你知道怎么做吗
CentOS openssh升级到openssh-7.2版本

levy_cui:@qq_30129953:我只升级了ssh版本没有操作ssl，在网上搜搜吧
CentOS openssh升级到openssh-7.2版本

qq_30129953:我先升级了ssl到1.1，然后安装ssh新版本，安装好了查看ssh版本为什么openssl是原来的老…
使用shell脚本ssh远程执行命令，使用awk时总是报错

newhackerman:Good this my want’t thnaks a lot
CentOS openssh升级到openssh-7.2版本

levy_cui:@wenxiaofu:如果是通过重新编译安装的话看下 /usr/bin/ssh 和 /usr/sb…