国产操作系统 麒麟服务器v10离线升级 openssh9.8p1
1.官网下载openssh、openssl、zlib源码包
- #openssh下载链接
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz
- #openssl下载链接
https://www.openssl.org/source/openssl-3.3.1.tar.gz
- #zlib下载链接
https://www.zlib.net/zlib-1.3.1.tar.gz
2.安装zlib
tar -zxf zlib-1.3.1.tar.gz
cd zlib-1.3.1
#检查配置并设置安装路径
./configure --prefix=/usr/local/zlib
#编译安装
make && make install
3.安装openssl
tar -zxf openssl-3.1.3.tar.gz
cd openssl-3.1.3
./Configure --prefix=/usr/local/openssl
#允许4个核心编译,速度快
make -j 4 && make install
#让系统能够找到并加载 OpenSSL 库
echo “/usr/local/openssl/lib” >> /etc/ld.so.conf
#应用库配置
ldconfig
4.安装openssh
tar -zxf openssh-9.8p1.tar.gz
cd openssh-9.8p1/
#备份
mv /etc/ssh /etc/ssh_old.bak
mv /usr/bin/ssh /usr/bin/ssh_old.bak
mv /usr/bin/ssh-keygen /usr/bin/ssh-keygen_old.bak
mv /usr/sbin/sshd /usr/sbin/sshd_old.bak
cp /etc/pam.d/sshd /etc/pam.d/sshd_old.bak
./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-pam --with-ssl-dir=/usr/local/openssl --with-zlib=/usr/local/zlib
make && make install
#更新系统服务和配置文件
cp /usr/local/openssh/sbin/sshd /usr/sbin/sshd
cp /usr/local/openssh/bin/ssh /usr/bin/ssh
cp /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
cp -p contrib/redhat/sshd.init /etc/init.d/sshd
chmod +x /etc/init.d/sshd
#配置文件允许root远程,允许密码认证,允许公钥认证
#执行前,请确认sshd_config路径
echo ‘PermitRootLogin yes’ >> /etc/sshd_config
echo ‘PubkeyAuthentication yes’ >> /etc/sshd_config
echo ‘PasswordAuthentication yes’ >> /etc/sshd_config
#开机自启并立即运行ssh服务
systemctl enable --now sshd
#重启ssh服务
systemctl restart sshd
