使用介绍:
脚本可以判断centos6,和centos7系统版本来对openssh进行升级
centos7升级openssh到9.0
centos6升级openssh到8.0
需要有可用的源下载依赖,openssh安装包可以在官网找,脚本wget那一步可以进行修改。
脚本内容如下
#!/bin/bash
source ~/.bashrc
#centos7修复函数
function centos7(){
yum install -y openssl openssl-devel gcc gcc-c++ make zlib-devel
rpm -e --nodeps `rpm -qa |grep openssh`
cd /root
#下载新版本安装包
wget https://mirrors.hirain.com/package/ssh/openssh-9.0p1.tar.gz
tar -zxvf openssh-9.0p1.tar.gz -C ./
cd openssh-9.0p1
编译
./configure --prefix=/usr/ --sysconfdir=/etc/ssh/ --with-ssl-dir=/usr/local/ssl --with-md5-passwords --mandir=/usr/share/man
make&& make install
chmod 600 /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key
cat >> /usr/lib/systemd/system/sshd.service << EOF
[Unit]
Description=OpenSSH server daemon
Documentation=man:ssh(8) man:sshd_config(5)
After=network.target
[Service]
ExecStart=/usr/sbin/sshd
[Install]
WantedBy=multi-user.target
EOF
sed -i '32a PermitRootLogin yes' /etc/ssh/sshd_config && sed -i '13a Port 22' /etc/ssh/sshd_config
#重启服务
systemctl enable sshd
systemctl restart sshd
#检查ssh版本
ssh -V
}
function centos6(){
cp -rp /etc/ssh /etc/ssh.bak
yum install -y gcc zlib zlib-devel openssl-devel
cd /root
wget https://mirrors.hirain.com/package/ssh/openssh-8.0p1.tar.gz
#安装
tar -xf openssh-8.0p1.tar.gz
cd openssh-8.0p1
./configure && make&&make install
sed -i 's#SSHD=/usr/sbin/sshd#SSHD=/usr/local/sbin/sshd#g' /etc/rc.d/init.d/sshd
sed -i '32a PermitRootLogin yes' /usr/local/etc/sshd_config
service sshd restart
ssh -V
}
function repairopenssh(){
systemver=`cat /etc/redhat-release|sed -r 's/.* ([0-9]+)\..*/\1/'`
if [[ $systemver = "6" ]];then
echo "当前是Centos6系统,执行centos6修复脚本"
centos6
else
echo "当前是Centos7系统,执行centos7修复脚本"
centos7
fi
}
repairopenssh
网友评论