openssh升级
为保障在升级openssh过程中出现网络中断导致连接不上服务器,建议先安装telnet服务,当网络中断时,可通过telnet远程到服务器。
一、安装telnet服务
yum install xinetd 依赖
yum install telnet 客户端
yum install telnet-server 服务端
1、开启telnet服务
vim /etc/xinetd.d/telnetservice telnet{flags = REUSEsocket_type = streamwait = nouser = rootserver = /usr/sbin/in.telnetdlog_on_failure += USERID#disable = yes 【将disable=yes行前加#注释掉,或者把yes改为no】}
2、允许root以telnet登陆
备份配置:cp /etc/securetty /etc/securetty.bak
修改以下配置文件vim /etc/securetty
在末尾添加(可添加pts/0-11)
pts/0
pts/1
3、启动xinetd、telnet服务
systemctl enable xinetdsystemctl enable telnet.socketsystemctl start xinetdsystemctl start telnet.socket
4、检查端口是否已经开启
[root@jzyue ~]# netstat -antp|grep 23tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 1/systemd
5、测试telnet
使用同一网段的计算机使用telnet +IP地址连接服务器,输入用户名和密码,可通过telnet服务远程连接到服务器。
[root@jzyue ~]# telnet 172.26.152.68Trying 172.26.152.68...Connected to 172.26.152.68.Kernel 3.10.0-862.14.4.el7.x86_64 on an x86_64jzyue login: rootPassword:Last login: Thu May 30 09:27:56 from 221.130.253.135Welcome to Alibaba Cloud Elastic Compute Service !
二、升级openssh版本
1、查看openssh版本
[root@jzyue ~]# rpm -qa|grep opensshopenssh-clients-7.4p1-16.el7.x86_64openssh-server-7.4p1-16.el7.x86_64openssh-7.4p1-16.el7.x86_64
2、安装基础包
[root@jzyue ~]# yum install gcc gcc-c++ zlib zlib-devel openssl openssl-devel pam-devel -y
3、官网下载最新的源码包传到服务器
http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
4、删除旧版本openssh
[root@jzyue scrips]# rpm -qa | grep opensshopenssh-clients-7.4p1-16.el7.x86_64openssh-server-7.4p1-16.el7.x86_64openssh-7.4p1-16.el7.x86_64[root@jzyue scrips]# rpm -e `rpm -qa | grep openssh` --nodeps
普及一下rpm命令参数:
安装一个包 rpm -ivh
升级一个包 rpm -Uvh
卸载一个包 rpm -e
查询一个包 rpm -q
列出所有安装包 rpm -qa
列出包中的文件 rpm -ql
5、编译安装
[root@jzyue scrips]# lsopenssh-8.0p1.tar.gz[root@jzyue scrips]# tar xf openssh-8.0p1.tar.gz[root@jzyue scrips]# lsopenssh-8.0p1 openssh-8.0p1.tar.gz[root@jzyue openssh-8.0p1]# ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ssl --with-zlib --with-md5-passwords --with-pam[root@jzyue openssh-8.0p1]# make && make install
6、备份配置文件
[root@jzyue openssh-8.0p1]# cp -a /etc/ssh /etc/ssh_bak[root@jzyue openssh-8.0p1]# cp ssh_config /etc/ssh/cp: overwrite ‘/etc/ssh/ssh_config’? y[root@jzyue openssh-8.0p1]# cp sshd_config /etc/ssh/cp: overwrite ‘/etc/ssh/sshd_config’? y[root@jzyue openssh-8.0p1]# cp moduli /etc/ssh/cp: overwrite ‘/etc/ssh/moduli’? y[root@jzyue openssh-8.0p1]# cp contrib/redhat/sshd.init /etc/init.d/sshd
7、开启SSH服务,查看版本
[root@jzyue openssh-8.0p1]# /etc/init.d/sshd startReloading systemd: [ OK ]Starting sshd (via systemctl): [ OK ][root@jzyue openssh-8.0p1]# chkconfig sshd on[root@jzyue openssh-8.0p1]# ssh -VOpenSSH_8.0p1, OpenSSL 1.0.2k-fips 26 Jan 2017
╰半橙微兮°
Bertha 。
╰+攻爆jí腚メ
左手的ㄟ右手
还没有评论,来说两句吧...