1、openssh的网站
OpenSSH官方网站
2、下载安装包
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-9.3.tar.gz
# cd /usr/src/usr.bin # tar zxvf .../openssh-9.3.tar.gz # cd ssh # make obj # make cleandir # make depend # make # make install # cp ssh_config sshd_config /etc/ssh # (optional)
3、拷贝软件包
192.168.10.240[root@test240soft 10:09]#wget http://yum.xxxx.cn/openssh/openssh-9.3p1.tar.gz
--2023-04-20 10:09:56-- http://yum.xxxx.cn/openssh/openssh-9.3p1.tar.gz
Resolving yum.xxxx.cn (yum.xxxx.cn)... x.x.x.x
Connecting to yum.xxxx.cn (yum.xxxx.cn)|x.x.x.x|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1856839 (1.8M) [application/x-gzip]
Saving to: ‘openssh-9.3p1.tar.gz’
100%[=========================================>] 1,856,839 --.-K/s in 0.04s
2023-04-20 10:09:56 (41.7 MB/s) - ‘openssh-9.3p1.tar.gz’ saved [1856839/1856839]
192.168.10.240[root@test240soft 10:12]#wget http://yum.xxxx.cn/openssh/x11-ssh-askpass-1.2.4.1.tar.gz
--2023-04-20 10:13:09-- http://yum.xxxx.cn/openssh/x11-ssh-askpass-1.2.4.1.tar.gz
Resolving yum.xxxx.cn (yum.xxxx.cn)... x.x.x.x
Connecting to yum.xxxx.cn (yum.xxxx.cn)|x.x.x.x|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 29229 (29K) [application/x-gzip]
Saving to: ‘x11-ssh-askpass-1.2.4.1.tar.gz’
100%[=========================================>] 29,229 --.-K/s in 0s
2023-04-20 10:13:09 (71.2 MB/s) - ‘x11-ssh-askpass-1.2.4.1.tar.gz’ saved [29229/29229]
4、安装telnet,telnet-server,xinetd(以防万一ssh出问题不能登录)
192.168.10.240[root@test240soft 10:20]#yum -y install telnet
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package telnet.x86_64 1:0.17-65.el7_8 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=========================================================================
Package Arch Version Repository Size
=========================================================================
Installing:
telnet x86_64 1:0.17-65.el7_8 inner 64 k
Transaction Summary
=========================================================================
Install 1 Package
Total download size: 64 k
Installed size: 113 k
Downloading packages:
telnet-0.17-65.el7_8.x86_64.rpm | 64 kB 00:00:20
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 1:telnet-0.17-65.el7_8.x86_64 1/1
Verifying : 1:telnet-0.17-65.el7_8.x86_64 1/1
Installed:
telnet.x86_64 1:0.17-65.el7_8
Complete!
192.168.10.240[root@test240soft 10:13]#yum -y install telnet-server
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package telnet-server.x86_64 1:0.17-65.el7_8 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===================================================================================
Package Arch Version Repository Size
=========================================================================
Installing:
telnet-server x86_64 1:0.17-65.el7_8 inner 41 k
Transaction Summary
=========================================================================
Install 1 Package
Total download size: 41 k
Installed size: 55 k
Downloading packages:
telnet-server-0.17-65.el7_8.x86_64.rpm | 41 kB 00:00:10
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 1:telnet-server-0.17-65.el7_8.x86_64 1/1
Verifying : 1:telnet-server-0.17-65.el7_8.x86_64 1/1
Installed:
telnet-server.x86_64 1:0.17-65.el7_8
安装xinetd软件包并测试正常工作
192.168.10.240[root@test240soft 10:15]#yum -y install xinetd
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package xinetd.x86_64 2:2.3.15-14.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=========================================================================
Package Arch Version Repository Size
===================================================================================
Installing:
xinetd x86_64 2:2.3.15-14.el7 inner 128 k
Transaction Summary
=========================================================================
Install 1 Package
Total download size: 128 k
Installed size: 261 k
Downloading packages:
xinetd-2.3.15-14.el7.x86_64.rpm | 128 kB 00:00:20
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 2:xinetd-2.3.15-14.el7.x86_64 1/1
Verifying : 2:xinetd-2.3.15-14.el7.x86_64 1/1
Installed:
xinetd.x86_64 2:2.3.15-14.el7
192.168.10.240[root@test240soft 10:18]#chkconfig --level 35 xinetd on
Note: Forwarding request to 'systemctl enable xinetd.service'.
192.168.10.240[root@test240soft 10:19]#service xinetd start
Redirecting to /bin/systemctl start xinetd.service
192.168.10.240[root@test240soft 10:19]#chkconfig telnet on
Note: Forwarding request to 'systemctl enable telnet.socket'.
Created symlink from /etc/systemd/system/sockets.target.wants/telnet.socket to /usr/lib/systemd/system/telnet.socket.
192.168.10.240[root@test240soft 10:23]#systemctl enable telnet.socket
192.168.10.240[root@test240soft 10:23]#systemctl start telnet.socket
192.168.10.240[root@test240soft 10:23]#telnet 127.0.0.1
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
6、关闭防火墙
192.168.10.240[root@test240soft 10:25]#systemctl stop firewalld.service
192.168.10.240[root@test240soft 10:25]#systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
Apr 20 07:21:07 test240 systemd[1]: Starting firewalld - dynamic firewall daemon...
Apr 20 07:21:08 test240 systemd[1]: Started firewalld - dynamic firewall daemon.
Apr 20 07:21:08 test240 firewalld[1031]: WARNING: AllowZoneDrifting is enabled...w.
Apr 20 10:25:13 test240 systemd[1]: Stopping firewalld - dynamic firewall daemon...
Apr 20 10:25:14 test240 systemd[1]: Stopped firewalld - dynamic firewall daemon.
Hint: Some lines were ellipsized, use -l to show in full.
7、关闭SELINNUX
192.168.10.240[root@test240soft 10:26]#cat /etc/selinux/config | grep -i disabled
# disabled - No SELinux policy is loaded.
SELINUX=disabled
8、安装开发包和需用的模块
192.168.10.240[root@test240~ 10:27]#yum -y groupinstall "Development tools"
Loaded plugins: fastestmirror, langpacks
There is no installed groups file.
Maybe run: yum groups mark convert (see man yum)
Loading mirror speeds from cached hostfile
Warning: Group development does not have any packages to install.
Maybe run: yum groups mark install (see man yum)
No packages in any requested group available to install or update
192.168.10.240[root@test240~ 10:28]#yum -y install pam-devel rpm-build rpmdevtools zlib-devel krb5-devel tcp_wrappers tcp_wrappers-devel tcp_wrappers-libs libX11-devel xmkmf libXt-devel wget
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Package pam-devel-1.1.8-23.el7.x86_64 already installed and latest version
Package rpm-build-4.11.3-45.el7.x86_64 already installed and latest version
Package zlib-devel-1.2.7-18.el7.x86_64 already installed and latest version
Package krb5-devel-1.15.1-50.el7.x86_64 already installed and latest version
Package tcp_wrappers-7.6-77.el7.x86_64 already installed and latest version
Package tcp_wrappers-devel-7.6-77.el7.x86_64 already installed and latest version
Package tcp_wrappers-libs-7.6-77.el7.x86_64 already installed and latest version
Package libX11-devel-1.6.7-2.el7.x86_64 already installed and latest version
Package libXt-devel-1.1.5-3.el7.x86_64 already installed and latest version
Package wget-1.14-18.el7_6.1.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package imake.x86_64 0:1.0.5-10.el7 will be installed
---> Package rpmdevtools.noarch 0:8.3-7.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===================================================================================
Package Arch Version Repository Size
===================================================================================
Installing:
imake x86_64 1.0.5-10.el7 inner 262 k
rpmdevtools noarch 8.3-7.el7 inner 97 k
Transaction Summary
=========================================================================
Install 2 Packages
Total download size: 359 k
Installed size: 1.4 M
Downloading packages:
(1/2): imake-1.0.5-10.el7.x86_64.rpm | 262 kB 00:00:10
(2/2): rpmdevtools-8.3-7.el7.noarch.rpm | 97 kB 00:00:10
-----------------------------------------------------------------------------------
Total 34 kB/s | 359 kB 00:10
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : rpmdevtools-8.3-7.el7.noarch 1/2
Installing : imake-1.0.5-10.el7.x86_64 2/2
Verifying : imake-1.0.5-10.el7.x86_64 1/2
Verifying : rpmdevtools-8.3-7.el7.noarch 2/2
Installed:
imake.x86_64 0:1.0.5-10.el7 rpmdevtools.noarch 0:8.3-7.el7
Complete!
192.168.10.240[root@test240~ 10:29]#yum -y update openssl openssl-devel
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
No packages marked for update
9、建立目录结构
192.168.10.240[root@test240~ 10:29]#cd ~
192.168.10.240[root@test240~ 10:31]#mkdir rpmbuild
192.168.10.240[root@test240~ 10:31]#cd rpmbuild
192.168.10.240[root@test240rpmbuild 10:31]#mkdir -pv {BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}
mkdir: created directory ‘BUILD’
mkdir: created directory ‘BUILDROOT’
mkdir: created directory ‘RPMS’
mkdir: created directory ‘SOURCES’
mkdir: created directory ‘SPECS’
mkdir: created directory ‘SRPMS’
10、openssh-9.3p1.spec产生这个文件
192.168.10.240[root@test240rpmbuild 10:31]#cd SOURCES/
192.168.10.240[root@test240SOURCES 10:32]#\cp /soft/openssh-9.3p1.tar.gz .
192.168.10.240[root@test240SOURCES 10:32]##\cp /soft/x11-ssh-askpass-1.2.4.1.tar.gz .
192.168.10.240[root@test240SOURCES 10:32]#cd ../SPECS/
192.168.10.240[root@test240SPECS 10:32]#tar xfz ../SOURCES/openssh-9.3p1.tar.gz openssh-9.3p1/contrib/redhat/openssh.spec
192.168.10.240[root@test240SPECS 10:32]#\mv openssh-9.3p1/contrib/redhat/openssh.spec openssh-9.3p1.spec
192.168.10.240[root@test240SPECS 10:32]#rm -rf openssh-9.3p1
192.168.10.240[root@test240SPECS 10:33]#ls -l
total 32
-rw-r--r-- 1 avicroot avicroot 30082 Mar 16 05:28 openssh-9.3p1.spec
11、修改文件参数1
sed -i -e "s/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g" openssh-9.3p1.spec
sed -i -e "s/%define no_x11_askpass 0/%define no_x11_askpass 1/g" openssh-9.3p1.spec
sed -i -e "s/BuildPreReq/BuildRequires/g" openssh-9.3p1.spec
sed -i -e "s/%global no_gnome_askpass 0/%global no_gnome_askpass 1/g" openssh-9.3p1.spec
sed -i -e "s/%global no_x11_askpass 0/%global no_x11_askpass 1/g" openssh-9.3p1.spec
sed -i -e "s/BuildPreReq/BuildRequires/g" openssh-9.3p1.spec
12、修改文件参数2
vim openssh-9.3p1.spec
103行,注释掉
192.168.10.240[root@test240SPECS 10:48]#cat -n openssh-9.3p1.spec | grep -i 103
103 #BuildRequires: openssl-devel < 1.1
文章来源地址https://www.toymoban.com/news/detail-805777.html
13、修改文件参数3
vi /usr/lib/rpm/macros
查找%__check_files
注释掉
文章来源:https://www.toymoban.com/news/detail-805777.html
14、开始编译
rpmbuild -bb openssh-9.3p1.spec
......
Wrote: /root/rpmbuild/RPMS/x86_64/openssh-9.3p1-1.el7.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/openssh-clients-9.3p1-1.el7.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/openssh-server-9.3p1-1.el7.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/openssh-debuginfo-9.3p1-1.el7.x86_64.rpm
Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.Pu5f9w
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-9.3p1
+ rm -rf /root/rpmbuild/BUILDROOT/openssh-9.3p1-1.el7.x86_64
+ exit 0
15、保存sshd文件
cp /etc/pam.d/sshd /etc/pam.d/sshd.source
16、安装软件
192.168.10.240[root@test240SPECS 10:58]#cd ../RPMS/x86_64/
192.168.10.240[root@test240x86_64 10:59]#ls -l
total 4944
-rw-r--r-- 1 root root 667996 Apr 20 10:57 openssh-9.3p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 640624 Apr 20 10:57 openssh-clients-9.3p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 3272196 Apr 20 10:57 openssh-debuginfo-9.3p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 472364 Apr 20 10:57 openssh-server-9.3p1-1.el7.x86_64.rpm
192.168.10.240[root@test240x86_64 10:59]#yum -y install *9.3*
Loaded plugins: fastestmirror, langpacks
Examining openssh-9.3p1-1.el7.x86_64.rpm: openssh-9.3p1-1.el7.x86_64
Marking openssh-9.3p1-1.el7.x86_64.rpm as an update to openssh-7.4p1-21.el7.x86_64
Examining openssh-clients-9.3p1-1.el7.x86_64.rpm: openssh-clients-9.3p1-1.el7.x86_64
Marking openssh-clients-9.3p1-1.el7.x86_64.rpm as an update to openssh-clients-7.4p1-21.el7.x86_64
Examining openssh-debuginfo-9.3p1-1.el7.x86_64.rpm: openssh-debuginfo-9.3p1-1.el7.x86_64
Marking openssh-debuginfo-9.3p1-1.el7.x86_64.rpm to be installed
Examining openssh-server-9.3p1-1.el7.x86_64.rpm: openssh-server-9.3p1-1.el7.x86_64
Marking openssh-server-9.3p1-1.el7.x86_64.rpm as an update to openssh-server-7.4p1-21.el7.x86_64
Resolving Dependencies
--> Running transaction check
---> Package openssh.x86_64 0:7.4p1-21.el7 will be updated
---> Package openssh.x86_64 0:9.3p1-1.el7 will be an update
---> Package openssh-clients.x86_64 0:7.4p1-21.el7 will be updated
---> Package openssh-clients.x86_64 0:9.3p1-1.el7 will be an update
---> Package openssh-debuginfo.x86_64 0:9.3p1-1.el7 will be installed
---> Package openssh-server.x86_64 0:7.4p1-21.el7 will be updated
---> Package openssh-server.x86_64 0:9.3p1-1.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
=========================================================================
Package Arch Version Repository Size
=========================================================================
Installing:
openssh-debuginfo x86_64 9.3p1-1.el7 /openssh-debuginfo-9.3p1-1.el7.x86_64 16 M
Updating:
openssh x86_64 9.3p1-1.el7 /openssh-9.3p1-1.el7.x86_64 3.0 M
openssh-clients x86_64 9.3p1-1.el7 /openssh-clients-9.3p1-1.el7.x86_64 2.4 M
openssh-server x86_64 9.3p1-1.el7 /openssh-server-9.3p1-1.el7.x86_64 1.1 M
Transaction Summary
=========================================================================
Install 1 Package
Upgrade 3 Packages
Total size: 22 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : openssh-9.3p1-1.el7.x86_64 1/7
Updating : openssh-server-9.3p1-1.el7.x86_64 2/7
Updating : openssh-clients-9.3p1-1.el7.x86_64 3/7
Installing : openssh-debuginfo-9.3p1-1.el7.x86_64 4/7
Cleanup : openssh-clients-7.4p1-21.el7.x86_64 5/7
Cleanup : openssh-server-7.4p1-21.el7.x86_64 6/7
Cleanup : openssh-7.4p1-21.el7.x86_64 7/7
Verifying : openssh-9.3p1-1.el7.x86_64 1/7
Verifying : openssh-server-9.3p1-1.el7.x86_64 2/7
Verifying : openssh-clients-9.3p1-1.el7.x86_64 3/7
Verifying : openssh-debuginfo-9.3p1-1.el7.x86_64 4/7
Verifying : openssh-clients-7.4p1-21.el7.x86_64 5/7
Verifying : openssh-7.4p1-21.el7.x86_64 6/7
Verifying : openssh-server-7.4p1-21.el7.x86_64 7/7
Installed:
openssh-debuginfo.x86_64 0:9.3p1-1.el7
Updated:
openssh.x86_64 0:9.3p1-1.el7 openssh-clients.x86_64 0:9.3p1-1.el7 openssh-server.x86_64 0:9.3p1-1.el7
Complete!
17、恢复文件
192.168.10.240[root@test240x86_64 11:00]#cp /etc/pam.d/sshd.source /etc/pam.d/sshd
cp: overwrite ‘/etc/pam.d/sshd’? yes
18、修改/etc/ssh/sshd_config文件
19、重启服务
service sshd restart
20、检查错误信息
21、修改目录权限
cd /etc/ssh
ls -l sshd_config*
head -n 1 sshd_config
# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
chmod 0600 *key
22、再次重启服务正常
23、检查版本信息
24、远程登录测试
25、禁用telnet-server
到了这里,关于Centos 7.9的openssh如何升级的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!