OpenSSH_6.2p2升级到OpenSSH_7.3p1
OpenSSH_6.2p2升级到OpenSSH_7.3p1 ......................................................................................... 1 前言 .................................................................................................................................................. 2 一:检查依赖软件 ........................................................................................................................... 3
#安装必要的gcc, gcc-c++编译工具以及libopenssl-devel,pam-devel,zlib-deve 3 二:安装OpenSSL ............................................................................................................................ 4
2.1.检查系统自带的openssl ................................................................................................ 4 2.2.检查openssl版本 ........................................................................................................... 4 2.3.检查openssl安装文件以及路径 ................................................................................... 4 2.4备份上述文件,/usr/bin/X11/openssl为/usr/bin/openssl的软链接 .................. 5 2.5安装zlib-1.2.8 ............................................................................................................... 5 三:升级openssl ............................................................................................................................ 6
3.1安装openssl-fips-2.0.13 ............................................................................................. 6 3.2 检查安装好后的目录文件 ............................................................................................. 6 3.3安装openssl-1.0.2h ....................................................................................................... 6 3.4查看安装好的/usr/local/openssl目录文件 ............................................................... 7 3.5 查看/etc/ssl目录 ........................................................................................................ 7 3.6配置升级后的openssl的相关目录(链接openssl程序) ........................................ 7 3.7查看升级的openssl版本 ................................................................................................ 8 四:卸载系统原有的OpenSSH ........................................................................................................ 8
4.1停止sshd服务 .................................................................................................................. 8 4.2卸载openssh ..................................................................................................................... 8 五:升级OpenSSH ............................................................................................................................ 9
5.1安装openssh7.3p1 ........................................................................................................... 9 5.2 查看升级后的版本 ......................................................................................................... 9 5.3 拷贝sshd启动脚本,contrib/目录下对应系统的启动脚本 ................................... 9 5.4启动并设置开机启动 ...................................................................................................... 10 5.5修改sshd 文件 ............................................................................................................... 10 六:升级过程可能会出现的经典错误 ......................................................................................... 10
6.1编译openssh时,出现找不到pam-devel ................................................................... 10 6.2编译过程中出现libpam missing ................................................................................. 10 6.3编译过程出现host-key Error 255 ............................................................................. 11 6.4编译过程中出现错误configure: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) *** ................................................................................. 11 6.5编译openssh依赖的是openssl是老版本 .................................................................. 12 6.7升级后ssh无法正常登录 .............................................................................................. 12
前言
OpenSSH概念:
OpenSSH是实现远程控制、远程加密传输数据的安全的网络连接工具,也就是为我们提供ssh服务的程序。SSH由服务端和客户端组成,服务端是一个守护进程(sshd),在后台运行并响应客户端的连接请求;客户端包含ssh(openssh-clients)、scp、rsync、slogin、sftp等应用程序。
SSH服务本身提供了一种安全加密的数据传输方式。在一些比较旧的Linux系统版本中,多数是openssh 5版本。而目前OpenSSH已更新到OpenSSH 7.X版本,修复许多存在的安全漏洞,也是较为安全的版本。OpenSSH官网:http://www.openssh.com
系统要求:SUSE Linux Enterprise Server 11 SP3 (x86_64) 安装软件包前提准备:
一:检查依赖软件
#安装必要的gcc, gcc-c++编译工具以及libopenssl-devel,pam-devel,zlib-deve
#zypper in -y gcc gcc-c++
#rpm -ivh libopenssl-devel-1.0.1i-21.1.x86_64.rpm --nodeps --force
#rpm -ivh pam-devel-1.1.8-18.el7.x86_64.rpm --nodeps --force
#rpm -ivh zlib-devel-1.2.8-10.1.x86_64.rpm