Centos7&Ubuntu18升级openssl1.1.1和openssh9.5p1

注意:升级为9.3p2的话,只需要更换ssh的下载包即可

bash 复制代码
Centos7版本通用
#防火墙和selinux
systemctl stop firewalld.service
systemctl disable firewalld.service
setenforce 0
sed -i s#SELINUX=enforcing#SELINUX=disabled# /etc/selinux/config

#源配置
cd /etc/
tar zcvf yum.repos.d.tar.gz yum.repos.d
rm -rf /etc/yum.repos.d/*
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all
yum makecache

#升级ssl
cd /tmp/
wget https://www.openssl.org/source/openssl-1.1.1w.tar.gz --no-check-certificate
tar xf openssl-1.1.1w.tar.gz
cd openssl-1.1.1w/
./config --prefix=/usr/local/openssl
make && make install
[ -e /usr/lib64/libssl.so.1.1 ] && rm -f /usr/lib64/libssl.so.1.1
[ -e /usr/lib64/libcrypto.so.1.1 ] && rm -f /usr/lib64/libcrypto.so.1.1
[ -e /usr/bin/openssl ] && rm -f /usr/bin/openssl
ln -s /usr/local/openssl/lib/libssl.so.1.1 /usr/lib64/libssl.so.1.1
ln -s /usr/local/openssl/lib/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1
ln -sf /usr/local/openssl/bin/openssl /usr/bin/openssl
echo "/usr/local/openssl/lib" >> /etc/ld.so.conf
ldconfig

#升级ssh
cp -rp /etc/ssh /etc/ssh.bak
yum install -y openssl openssl-devel gcc gcc-c++ make zlib-devel
rpm -e   --nodeps `rpm -qa | grep openssh`
cd /root
wget https://mirrors.tuna.tsinghua.edu.cn/OpenBSD/OpenSSH/portable/openssh-9.5p1.tar.gz --no-check-certificate
tar -zxvf openssh-9.5p1.tar.gz -C ./
cd openssh-9.5p1/
./configure --prefix=/usr/ --sysconfdir=/etc/ssh/ --with-ssl-dir=/usr/local/openssl --with-md5-passwords --mandir=/usr/share/man/
make && make install

cat >/usr/lib/systemd/system/sshd.service<<EOF
[Unit]
Description=OpenSSH server daemon
Documentation=man:sshd(8) man:sshd_config(5)
After=network.target
[Service]
ExecStart=/usr/sbin/sshd
KillMode=process
[Install]
WantedBy=multi-user.target
EOF

sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin  yes/g' /etc/ssh/sshd_config
chmod 600 /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key
systemctl enable sshd
systemctl start sshd

#恢复源
cd /etc/
rm -rf yum.repos.d
tar xf yum.repos.d.tar.gz
rm -f yum.repos.d.tar.gz



ubuntu18.04(测试16.04也行,应该都可以的!)
#备份
mv /etc/ssh/sshd_config{,.old}
cp /usr/sbin/sshd{,.old}
mv /etc/ssh{,.old}
cp /etc/init.d/ssh{,.old}
mkdir /opt/ssh.bak
cd /usr/bin/
mv ssh* sftp scp /opt/ssh.bak/

#安装依赖
apt install libzip-dev libssl-dev autoconf gcc libxml2 make xinetd -y

#安装包准备
mkdir ~/source_package
cd ~/source_package/
wget https://mirrors.tuna.tsinghua.edu.cn/OpenBSD/OpenSSH/portable/openssh-9.5p1.tar.gz --no-check-certificate
wget https://www.openssl.org/source/openssl-1.1.1w.tar.gz --no-check-certificate
for i in openssh-9.5p1.tar.gz  openssl-1.1.1w.tar.gz
do
    tar zxf $i -C /usr/local/src/
done

#编译安装ssl
cd /usr/local/src/openssl-1.1.1w/
./config --prefix=/usr/local --openssldir=/usr/local/openssl &>/dev/null
make  &>/dev/null
make install &>/dev/null
[ -e /usr/lib/libssl.so.1.1 ] && rm -f /usr/lib/libssl.so.1.1
[ -e /usr/lib/libcrypto.so.1.1 ] && rm -f /usr/lib/libcrypto.so.1.1
ln -s /usr/local/lib/libssl.so.1.1 /usr/lib/libssl.so.1.1
ln -s /usr/local/lib/libcrypto.so.1.1 /usr/lib/libcrypto.so.1.1
sed  -i  '1 a /usr/local' /etc/ld.so.conf.d/libc.conf
ldconfig

#ssh编译安装
systemctl stop sshd
cd /usr/local/src/openssh-9.5p1/
./configure --prefix=/usr/local --sysconfdir=/etc/ssh \
    --with-md5-passwords --with-zlib --with-ssl-dir=/usr/local \
    --with-privsep-path=/var/lib/sshd &>/dev/null
make &>/dev/null
make install &>/dev/null

#替换文件
cd /usr/bin/
mv ssh* sftp scp c_rehash openssl /tmp/ &>/dev/null
ln -s /usr/local/bin/* /usr/bin/ &>/dev/null
sed -i '32cPermitRootLogin yes' /etc/ssh/sshd_config
systemctl restart sshd
相关推荐
try2find几秒前
移动conda虚拟环境的安装目录
linux·运维·conda
笑衬人心。3 分钟前
Ubuntu 22.04 修改默认 Python 版本为 Python3 笔记
笔记·python·ubuntu
码农101号23 分钟前
Linux中容器文件操作和数据卷使用以及目录挂载
linux·运维·服务器
PanZonghui41 分钟前
Centos项目部署之Nginx 的安装与卸载
linux·nginx
PanZonghui1 小时前
Centos项目部署之安装数据库MySQL8
linux·后端·mysql
PanZonghui1 小时前
Centos项目部署之运行SpringBoot打包后的jar文件
linux·spring boot
PanZonghui1 小时前
Centos项目部署之Java安装与配置
java·linux
程序员弘羽1 小时前
Linux进程管理:从基础到实战
linux·运维·服务器
PanZonghui1 小时前
Centos项目部署之常用操作命令
linux
JeffersonZU1 小时前
Linux/Unix进程概念及基本操作(PID、内存布局、虚拟内存、环境变量、fork、exit、wait、exec、system)
linux·c语言·unix·gnu