Rootop 服务器运维与web架构

升级openssh到8.8p1版本

# 升级之前可以做个快照,防止升级失败连不上服务器。
步骤:

[root@MiWiFi-RA69-srv ~]# yum install pam-devel libselinux-devel zlib-devel openssl-devel -y 

[root@MiWiFi-RA69-srv ~]# wget -c https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.8p1.tar.gz
[root@MiWiFi-RA69-srv ~]# tar zxvf openssh-8.8p1.tar.gz

[root@MiWiFi-RA69-srv openssh-8.8p1]# ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-tcp-wrappers --with-ssl-dir=/usr/local/ssl --without-hardening
[root@MiWiFi-RA69-srv openssh-8.8p1]# make
[root@MiWiFi-RA69-srv openssh-8.8p1]# make install
# 提示一个权限问题
Permissions 0640 for '/etc/ssh/ssh_host_ed25519_key' are too open.

[root@MiWiFi-RA69-srv openssh-8.8p1]# cd /etc/ssh/
[root@MiWiFi-RA69-srv ssh]# chmod 600 *_key

[root@MiWiFi-RA69-srv openssh-8.8p1]# cp -a contrib/redhat/sshd.init /etc/init.d/sshd
[root@MiWiFi-RA69-srv openssh-8.8p1]# cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
[root@MiWiFi-RA69-srv openssh-8.8p1]# chmod u+x /etc/init.d/sshd

[root@MiWiFi-RA69-srv openssh-8.8p1]# cat /etc/ssh/sshd_config | grep -v -E "^#|^$"
PermitRootLogin yes
AuthorizedKeysFile	.ssh/authorized_keys
PasswordAuthentication yes
Subsystem	sftp	/usr/libexec/sftp-server

[root@MiWiFi-RA69-srv openssh-8.8p1]# chkconfig --add sshd
[root@MiWiFi-RA69-srv openssh-8.8p1]# chkconfig sshd on

[root@MiWiFi-RA69-srv openssh-8.8p1]# service sshd restart

[root@MiWiFi-RA69-srv openssh-8.8p1]# ssh -V
OpenSSH_8.8p1, OpenSSL 1.0.2k-fips  26 Jan 2017

原创文章,转载请注明。本文链接地址: https://www.rootop.org/pages/5035.html

作者:Venus

专注于 服务器运维与性能优化 联系方式:https://www.rootop.org/about

评论已关闭。