• [CentOS7]升级SSH9.0p1


    SSH9.0 RPM安装包制作

    cat  > 01-ssh9.0-upgrade.sh << 'EOF'
    #!/bin/bash
    # 1. 安装依赖
    yum install -y rpm-build gcc gcc-c++ glibc glibc-devel openssl-devel openssl prce pcre-devel zlib zlib-devel make wget krb5-devel pam-devel libX11-devel xmkmf libXt-devel initscripts libXt-devel imake gtk2-devel lrzsz
    
    # 2. 创建安装目录
    mkdir -pv /root/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}
    
    # 3. 下载源码包
    curl -O https://mirrors.aliyun.com/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz \
    && mv openssh-9.0p1.tar.gz /root/rpmbuild/SOURCES
    
    # 4. 解压配置文件
    tar zxvf /root/rpmbuild/SOURCES/openssh-9.0p1.tar.gz -C /root/rpmbuild/SOURCES/
    mv /root/rpmbuild/SOURCES/openssh-9.0p1 /root/rpmbuild/SPECS
    
    # 5. 配置spec编译文件
    sed -i -e "s/%global no_gnome_askpass 0/%global no_gnome_askpass 1/g" /root/rpmbuild/SPECS/openssh-9.0p1/contrib/redhat/openssh.spec
    sed -i -e "s/%global no_x11_askpass 0/%global no_x11_askpass 1/g" /root/rpmbuild/SPECS/openssh-9.0p1/contrib/redhat/openssh.spec
    sed -i '/openssl-devel < 1.1/s/^/#/' /root/rpmbuild/SPECS/openssh-9.0p1/contrib/redhat/openssh.spec
    
    # 6. 编译RPM
    rpmbuild -bb /root/rpmbuild/SPECS/openssh-9.0p1/contrib/redhat/openssh.spec
    ll /root/rpmbuild/RPMS/x86_64/
    
    # 7. 备份ssh
    mkdir /etc/sshconfig_backup
    cp /etc/ssh/sshd_config /etc/sshconfig_backup/
    cp /etc/pam.d/sshd /etc/sshconfig_backup/pam.d_sshd
    cp -a /root/.ssh /etc/sshconfig_backup
    
    # 8. 升级SSH
    rpm -Uvh /root/rpmbuild/RPMS/x86_64/openssh*.rpm
    
    # 9. 恢复配置
    \cp /etc/sshconfig_backup/sshd_config /etc/ssh/sshd_config
    \cp /etc/sshconfig_backup/pam.d_sshd /etc/pam.d/sshd
    # 9.1 并加上PermitRootLogin yes允许root用户登录
    sed -i "s/#PermitRootLogin yes/PermitRootLogin yes/g" /etc/ssh/sshd_config
    echo "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1" >> /etc/ssh/sshd_config
    # 9.2
    chmod 600 -R /etc/ssh/*
    
    # 10. 重启服务
    rm -rf /root/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}
    systemctl restart sshd
    netstat -nltap | grep 22
    EOF
    
    bash 01-ssh9.0-upgrade.sh
    

    RPM包CSDN 免费下载地址

  • 相关阅读:
    jQuery中的事件
    Ajax跨域
    javascript的时间委托
    大型数据库优化技巧
    mysql数据库忘记密码时如何修改
    DAY69-nosql
    DAY68-redis
    DAY67-Memcached
    DAY65-apache的安装
    DAY63-centos介绍
  • 原文地址:https://www.cnblogs.com/leoshi/p/16411968.html
Copyright © 2020-2023  润新知