跳到主要内容

实战:centos7.9-ssh86升级-2022.12.27(测试成功)

实战:centos7.9-ssh86升级-2022.12.27(测试成功)

img

1、适用环境

centos76/centos79最小化环境;
升级后的ssh版本:openssh-8.6p1 openssl-1.1.1g
具备本地yum源;

2、使用方法

(1)将脚本上传到/root目录下
(2)执行脚本:sh ssh86.sh

3、脚本位置

https://onedayxyy.cn/scripts/ssh_upgrade/ssh86_centos7.9_2022.12.27/

[root@docusaurus-wiki ssh86_centos7.9_2022.12.27]#ll -h
total 13M
-rw-rw-rw- 1 root root 1.6K Jan 18 2023 ssh86.sh
-rw-rw-rw- 1 root root 13M Oct 25 00:57 ssh86.zip
[root@docusaurus-wiki ssh86_centos7.9_2022.12.27]#

ssh86.sh脚本内容:

#!/bin/bash

systemctl stop firewalld
systemctl disable firewalld

systemctl stop NetworkManager
systemctl disable NetworkManager

setenforce 0
sed -i s/SELINUX=enforcing/SELINUX=disabled/ /etc/selinux/config



yum -y install gcc pam.x86_64 pam-devel.x86_64 krb5-devel.x86_64 pam_krb5.x86_64 krb5-server.x86_64 krb5-libs.x86_64 perl.x86_64 unzip

mkdir -p /root/update_ssh/
cd /root/
mv ssh86.zip update_ssh/
cd /root/update_ssh/
unzip ssh86.zip
tar -xvf zlib-1.2.11.tar.gz
tar -xvf openssl-1.1.1g.tar.gz
unzip openssh-8.6p1_7.3up.zip

tar -jxvf dropbear_for_centos7.tar.bz2 -C /usr/local
netstat -wnlpt |grep :5333
cd /usr/local/dropbear && ./dropbear_server.sh start

cd /root/update_ssh/zlib-1.2.11
./configure --prefix=/usr && make -j20 && make install
ldconfig -v

cd /root/update_ssh/openssl-1.1.1g
./config --prefix=/usr/ shared zlib
make && make install
openssl version -a

yum -y install systemd-devel
cd /root/update_ssh/
chmod -R 700 openssh-8.6p1
cd openssh-8.6p1
LIBS='-lsystemd' ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ssl-dir=/etc/pki/tls --mandir=/usr/share/man --with-zlib --with-pam --with-md5-passwords --with-kerberos5
make -j20 && make install

chmod 600 /etc/ssh/ssh_host_*_key
sed -i "s/#PermitRootLogin/PermitRootLogin/g" /etc/ssh/sshd_config
sed -i "s/#Port 22/Port 5151/g" /etc/ssh/sshd_config
cd /usr/local/dropbear && ./dropbear_server.sh stop

systemctl restart sshd
rm -rf /root/update_ssh/