Lion.

Appearance

OpenSSH升级

安装依赖

shell
yum install gcc pam-devel zlib-devel

下载openssl包与openssh包

shell
wget https://www.openssl.org/source/openssl-1.1.1o.tar.gz
wget https://cloudflare.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz

编译安装openssl

shell
tar -xf openssl-1.1.1o.tar.gz
cd openssl-1.1.1o
./config -Wl,-rpath,/usr/local/lib --prefix=/usr/local/openssl
make && make install

配置openssl

shell
mv /usr/bin/openssl{,.bak}  # 备份旧版本
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl/ /usr/include/openssl
echo '/usr/local/openssl/lib' >> /etc/ld.so.conf
ldconfig
openssl version  # 检查openssl版本

编译安装openssh

shell
mv /etc/ssh{,.bak}  # 备份旧版本
tar -xf openssh-9.0p1.tar.gz
cd openssh-9.0p1
./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/openssl/ --with-zlib --with-pam
make && make install

配置openssh

shell
mv /usr/bin/ssh{,.bak}
mv /usr/bin/ssh-keygen{,.bak}
mv /usr/sbin/sshd{,.bak}
ln -s /usr/local/openssh/bin/ssh /usr/bin/ssh
ln -s /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
ln -s /usr/local/openssh/sbin/sshd /usr/sbin/sshd
systemctl disable sshd --now
mv /usr/lib/systemd/system/sshd.service{,.bak}
cp openssh-9.0p1/contrib/redhat/sshd.init /etc/init.d/sshd
cp openssh-9.0p1/contrib/redhat/sshd.pam /etc/pam.d/sshd  # 这步有问题,最好用旧文件
chkconfig --add sshd
systemctl restart sshd

optional:卸载旧服务

shell
yum remove openssh