#编译安装依赖性
yum install -y wget gcc pam-devel libselinux-devel zlib-devel openssl-devel
cd /usr/local/src
wget -O openssh.tar.gz https://mirrors.aliyun.com/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz
#备份ssh配置文件
cp /etc/ssh/sshd_config sshd_config.backup
cp /etc/pam.d/sshd sshd.backup
#删除低版本ssh
rpm -e --nodeps `rpm -qa | grep openssh`
#install
tar -zxvf openssh.tar.gz
cd openssh-9.0p1
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-tcp-wrappers --with-ssl-dir=/usr/local/ssl --without-hardening
make && make install
#配置权限
chmod 600 /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key
#cp 文件
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
chmod u+x /etc/init.d/sshd
#还原
mv ../sshd.backup /etc/pam.d/sshd
chkconfig --add sshd
chkconfig sshd on
systemctl restart sshd
ssh -V
#clear
rm -rf /usr/local/src/openssh*
#解决升级后jumpserver无法ssh
vim /etc/ssh/sshd_config
PubkeyAcceptedKeyTypes ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512
HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
网友评论