官网下载:https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/
[root@localhost ~]# yum install -y wget net-tools [root@localhost ~]# wget -c https://www.openssl.org/source/openssl-3.1.4.tar.gz --no-check-certificate [root@localhost ~]# wget -c https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.5p1.tar.gz # 安装cmd.pm模块,不然编译的时候会引发【Can‘t locate IPC/Cmd.pm in @INC】错误。 [root@localhost ~]# yum install -y perl-CPAN perl-IPC-Cmd gcc gcc-c++ [root@localhost ~]# tar zxvf openssl-3.1.4.tar.gz [root@localhost ~]# tar zxvf openssh-9.5p1.tar.gz # 安装openssl 3.1.4版本 [root@localhost ~]# cd openssl-3.1.4 [root@localhost openssl-3.1.4]# ./config --prefix=/usr/local/openssl [root@localhost openssl-3.1.4]# make [root@localhost openssl-3.1.4]# make install [root@localhost openssl-3.1.4]# /usr/local/openssl/bin/openssl version /usr/local/openssl/bin/openssl: error while loading shared libraries: libssl.so.3: cannot open shared object file: No such file or directory [root@localhost openssl-3.1.4]# ldd /usr/local/openssl/bin/openssl linux-vdso.so.1 => (0x00007fff9b5ad000) libssl.so.3 => not found libcrypto.so.3 => not found libdl.so.2 => /lib64/libdl.so.2 (0x00007f0cfe5c4000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f0cfe3a8000) libc.so.6 => /lib64/libc.so.6 (0x00007f0cfdfda000) /lib64/ld-linux-x86-64.so.2 (0x00007f0cfe7c8000) # 可以看到2个库文件未找到 libssl.so.3 => not found libcrypto.so.3 => not found # 创建软连接,可以find搜索下然后创建软连接 [root@localhost openssl-3.1.4]# ln -s /usr/local/openssl/lib64/libssl.so.3 /usr/lib64/libssl.so.3 [root@localhost openssl-3.1.4]# ln -s /usr/local/openssl/lib64/libcrypto.so.3 /usr/lib64/libcrypto.so.3 [root@localhost openssl-3.1.4]# /usr/local/openssl/bin/openssl version OpenSSL 3.1.4 24 Oct 2023 (Library: OpenSSL 3.1.4 24 Oct 2023) # 安装openssh9.5 [root@localhost openssl-3.1.4]# yum install pam-devel libselinux-devel zlib-devel -y [root@localhost openssl-3.1.4]# rpm -e --nodeps $(rpm -qa | grep openssh) [root@localhost openssl-3.1.4]# rm -f /etc/ssh/* [root@localhost openssl-3.1.4]# cd ../openssh-9.5p1 [root@localhost openssh-9.5p1]# ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-tcp-wrappers --with-ssl-dir=/usr/local/openssl --without-hardening [root@localhost openssh-9.5p1]# make && make install [root@localhost openssh-9.5p1]# cp contrib/redhat/sshd.init /etc/init.d/sshd [root@localhost openssh-9.5p1]# cp contrib/redhat/sshd.pam /etc/pam.d/sshd [root@localhost openssh-9.5p1]# echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config [root@localhost openssh-9.5p1]# echo "PermitRootLogin yes" >> /etc/ssh/sshd_config # 修改日志到/var/log/secure [root@localhost openssh-9.5p1]# sed -i 's/#SyslogFacility AUTH/SyslogFacility AUTHPRIV/g' /etc/ssh/sshd_config # 服务管理 [root@localhost openssh-9.5p1]# cat /usr/lib/systemd/system/sshd.service [Unit] Description=OpenSSH server daemon After=network.target [Service] Type=simple ExecStart=/usr/sbin/sshd -D $OPTIONS ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure RestartSec=42s [Install] WantedBy=multi-user.target [root@localhost openssh-9.5p1]# systemctl daemon-reload [root@localhost openssh-9.5p1]# systemctl start sshd [root@localhost openssh-9.5p1]# systemctl enable sshd # 升级openssh后调不到/usr/local/bin 下的命令 [root@localhost ~]# vi .bash_profile PATH=$PATH:$HOME/bin:/usr/local/bin [root@localhost ~]# source .bash_profile
原创文章,转载请注明。本文链接地址: https://www.rootop.org/pages/5374.html