# -----openssl安装
yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel
yum install -y pam* zlib*
tar xfz openssl-1.1.1k.tar.gz
chown -R root.root openssl-1.1.1k
cd openssl-1.1.1k/
mv /usr/bin/openssl /usr/bin/openssl_bak
mv /usr/include/openssl /usr/include/openssl_bak
./config --prefix=/usr/local/openssl --此处不能是解压包的地址,安装目录与解压目录不能相同 ,负责会报/include/openssl/aes.h' and '/usr/local/openssl/include/openssl/aes.h' are the same file
make && make install
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
echo "/usr/local/openssl/lib" >> /etc/ld.so.conf
ldconfig
openssl version -v
#openssh升级
1.安装依赖包 yum install gcc zlib-devel pam-devel liselinux-devev (pam-devel 一定要装)
2.下载安装包 openssh-8.6p1
3.tar -zxvf openssh-8.6p1
4.cd openssh-8.6p1
5. ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-tcp-wrappers --with-ssl-dir=/usr/local/openssl --without-hardening (--with-tcp-wrappers 可能会提示警告 不用管)
6.make && make install
7.vi /etc/ssh/sshd_config
修改两个地方
PermitRootlogin yes
PasswordAuthentication yes
8 systemctl restart sshd 堡垒机应该会断掉一下
9 systemctl status sshd
10 ssh -V
网友评论