OpenSSH从7.4升级到9.8的过程 亲测--图文详解
一、下载软件
下载openssh 下载地址: Downloads | Library
下载openssl
Index of /pub/OpenBSD/OpenSSH/
zlib Home Site
安装的 openssl-3.3.1.tar.gz ,安装3.3.2有问题 安装有问题,
二、安装依赖
yum install -y perl-CPAN perl-ExtUtils-CBuilder perl-ExtUtils-MakeMaker
编译 执行./config --prefix=/usr/local/openssl --shared 生成MakeFile文件
./config --prefix=/usr/local/openssl --shared
make -j4 && make -j4 install
#路径写入etc/ld.so.conf
echo '/usr/local/openssl/lib64' >> /etc/ld.so.conf#备份ssh配置文件
cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
cp -p /usr/sbin/sshd /usr/sbin/sshd.bak
cp -p /usr/bin/ssh /usr/bin/ssh.bak
cp -p /usr/bin/ssh-keygen /usr/bin/ssh-keygen.bak
cp -p /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub.bak8.删除旧的软链接
rm -rf /usr/bin/openssl
rm -rf /usr/include/openssl
rm -rf /usr/lib64/libssl.so
rm -rf /usr/lib64/libcrypto.so.1.0.2k
9.创建新的openssl软链接
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/lib/libssl.so.3 /usr/lib64/libssl.so
ln -s /usr/local/openssl/lib/libcrypto.so.3 /usr/lib64/libcrypto.so.3
which
使修改后的/etc/ld.so.conf生效
ldconfig -v验证是否成功安装
查看openssl版本
openssl version -a
用浏览器打开下载 http://www.zlib.net/zlib-1.2.11.tar.gz 可以去官网自己下载
tar -xvzf zlib-1.2.11.tar.gz cd zlib-1.2.11 ./configure make make install
tar -xvzf zlib-1.2.11.tar.gz
cd zlib-1.2.11
./configure
make
make install
openssh 我下载的是9.8的版本
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz
解压 tar xvf openssh-9.8p1.tar.gz
进入解压目录
./configure --prefix=/usr/local/openssh --with-ssl-dir=/usr/local/openssl --with-zlib
make -j4 && make -j4 install
#ssh允许root登录、需要密码进行验证
echo 'PermitRootLogin yes' >>/usr/local/openssh/etc/sshd_config
echo 'PubkeyAuthentication yes' >>/usr/local/openssh/etc/sshd_config
echo 'PasswordAuthentication yes' >>/usr/local/openssh/etc/sshd_config
#将编译安装的新配置文件 拷贝到原路径下
删除旧的rm -rf /etc/ssh/sshd_config
rm -rf /usr/sbin/sshd
rm -rf /usr/bin/ssh
rm -rf /usr/bin/ssh-keygen
rm -rf /etc/ssh/ssh_host_ecdsa_key.pub复制新的
cp /usr/local/openssh/etc/sshd_config /etc/ssh/sshd_config
cp /usr/local/openssh/sbin/sshd /usr/sbin/sshd
cp /usr/local/openssh/bin/ssh /usr/bin/ssh
cp /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
cp /usr/local/openssh/etc/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub#拷贝启动脚本
cp -p contrib/redhat/sshd.init /etc/init.d/sshd
#给sshd添加可执行权限
chmod +x /etc/init.d/sshd
#设置开机自启
systemctl enable sshd
#重新启动sshd服务
systemctl restart sshd
#查看sshd服务状态
systemctl status sshd
#查看ssh版本是否升级成功,可以查看到已经是9.5版本了
ssh -V
3.3.2安装报错
(base) [root@localhost openssl-3.3.2]# ./config shared
Can't locate IPC/Cmd.pm in @INC (@INC contains: /opt/openssl-3.3.2/util/perl /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 . /opt/openssl-3.3.2/external/perl/Text-Template-1.56/lib) at /opt/openssl-3.3.2/util/perl/OpenSSL/config.pm line 19.
BEGIN failed--compilation aborted at /opt/openssl-3.3.2/util/perl/OpenSSL/config.pm line 19.
Compilation failed in require at /opt/openssl-3.3.2/Configure line 23.
BEGIN failed--compilation aborted at /opt/openssl-3.3.2/Configure line 23.
yum install perl-IPC-Cmd -y
