服务器环境
CentOS Linux release 7.6.1810 (Core)
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
ssh 端口 默认22
**!!!友情提示:多开几个终端,做好备份,升级有风险**
安装yum依赖
[root@devops ~]# yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel
上传下载下来的二进制包到/opt下,解压缩进入目录、编译
cd /opt/
tar zxf openssl-1.1.1k.tar.gz
cd openssl-1.1.1k
./config --prefix=/usr/local/openssl
make && make install
./config -t
make depend
软连接到/usr/local/ssl
ln -s /usr/local/openssl /usr/local/ssl
echo /usr/local/openssl/lib >> /etc/ld.so.conf
ldconfig
配置环境变量
[root@devops ~]# vim /etc/profile
export OPENSSL=/usr/local/openssl/bin
export PATH=$OPENSSL:$PATH:$HOME/bin
[root@devops ~]# source /etc/profile
[root@devops ~]# ln -sf /usr/local/ssl/bin/openssl /usr/bin/openssl
[root@devops ~]# ln -sf /usr/local/ssl/include/openssl /usr/include/openssl
解压缩
cd /opt/
tar zxf openssh-8.6p1.tar.gz
cd /opt/openssh-8.6p1
备份老环境的ssh
mv /etc/ssh /etc/sshbak
mv /usr/bin/ssh /usr/bin/sshbak
mv /usr/sbin/sshd /usr/sbin/sshdbak
编译
./configure --prefix=/usr/ --sysconfdir=/etc/ssh --with-openssl-includes=/usr/local/ssl/include --with-ssl-dir=/usr/local/ssl --with-zlib --with-md5-passwords --with-pam && make && make install
echo $?
更改ssh配置文件
vim /etc/ssh/sshd_config
PermitRootLogin yes
PasswordAuthentication yes
UseDNS no
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
chmod +x /etc/init.d/sshd
chkconfig --add sshd
rm -rf /usr/lib/systemd/system/sshd.service
systemctl daemon-reload
/etc/init.d/sshd restart
systemctl status sshd
重新新建一个终端 测试连接