一、參考
CentOS7 OpenSSH_7.4p1升級到OpenSSH_8.2p1(編譯安裝)
http://note.youdao.com/noteshare?id=18c98a718b38769f6d811ddf4134d042&sub=6F03F36361AF423C9481BA706A921947
CentOS7 升級OpenSSH到8.2p1後無法進行ssh遠程登錄
http://note.youdao.com/noteshare?id=1caba986dff3609af2c3765997a87df7&sub=DC9E2B8EF836490C86A402EDF896F7E3
二、腳本
#!/bin/bash
#安裝配置telnet,預防升級過程中出現問題,導致SSH無法使用
yum install -y telnet telnet-server
systemctl enable telnet.socket
systemctl start telnet.socket
ss -tnl | grep 23
useradd telnet_test
echo "telnet_test" | passwd --stdin telnet_test
#安裝編譯環境並卸載舊版本OpenSSH
yum install zlib-devel openssl-devel pam-devel -y
cp -r /etc/ssh /etc/ssh.old
rpm -qa | grep openssh
rpm -e --nodeps openssh-clients
rpm -e --nodeps openssh-server
rpm -e --nodeps openssh-7.4p1
rpm -qa | grep openssh
#編譯安裝OpenSSH_8.2p1
cd /usr/local
tar -zxvf openssh-8.2p1.tar.gz
cd /usr/local/openssh-8.2p1/
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam
make
chmod 600 /etc/ssh/ssh_host_rsa_key
chmod 600 /etc/ssh/ssh_host_ecdsa_key
chmod 600 /etc/ssh/ssh_host_ed25519_key
make install
install -v -m755 contrib/ssh-copy-id /usr/bin
cp /etc/ssh/sshd_config{,.bak}
sed -i "s@#PermitRootLogin prohibit-password@PermitRootLogin yes@" /etc/ssh/sshd_config
sed -i "s@#PasswordAuthentication yes@PasswordAuthentication yes@" /etc/ssh/sshd_config
echo "KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,[email protected]" >> /etc/ssh/sshd_config
#配置開機啓用
cd /usr/local/openssh-8.2p1/
cp -p contrib/redhat/sshd.init /etc/init.d/sshd
chmod +x /etc/init.d/sshd
chkconfig --add sshd
/sbin/chkconfig sshd on
systemctl start sshd
#驗證
echo ""
echo ""
ifconfig | grep "inet"
ssh -V
systemctl status sshd | grep "Active:"