openssh7.X升级到openssh8.6p1

升级准备

下载好安装包：

zlib-1.2.11.tar.gz
openssh-8.6p1.tar.gz
openssl-1.1.1g.tar.gz

上传到服务器目录并解压缩：

tar --no-same-owner -zxvf zlib-1.2.11.tar.gz
tar --no-same-owner -zxvf openssh-8.6p1.tar.gz
tar --no-same-owner -zxvf openssl-1.1.1g.tar.gz

 我这里上传在/root 家目录

 

编译安装zlib
cd zlib-1.2.11
./configure --prefix=/usr/local/zlib
make && make install

编译安装openssl
cd openssl-1.1.1g
./config --prefix=/usr/local/ssl -d shared
make && make install
echo '/usr/local/ssl/lib' >> /etc/ld.so.conf
ldconfig -v

安装openssh
cd openssh-8.6p1
./configure --prefix=/usr/local/openssh --with-zlib=/usr/local/zlib --with-ssl-dir=/usr/local/ssl
make && make install

 

更改新的sshd_config配置文件：

echo 'PermitRootLogin yes' >>/usr/local/openssh/etc/sshd_config
echo 'PubkeyAuthentication yes' >>/usr/local/openssh/etc/sshd_config
echo 'PasswordAuthentication yes' >>/usr/local/openssh/etc/sshd_config

 

备份老的ssh配置：

mv /usr/bin/ssh /usr/bin/ssh.bak
mv /usr/bin/ssh-keygen /usr/bin/ssh-keygen.bak
mv /usr/sbin/sshd /usr/sbin/sshd.bak
mv /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
mv /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub.bak

 

拷贝新的配置文件：

cp /usr/local/openssh/bin/ssh /usr/bin/ssh
cp /usr/local/openssh/sbin/sshd /usr/sbin/sshd
cp /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
cp /usr/local/openssh/etc/sshd_config /etc/ssh/sshd_config
cp /usr/local/openssh/etc/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub

到此一步，已经更新成功，直接重启sshd服务即可。

 

重启失败，解决方案：

关停服务，删除旧的服务脚本

systemctl stop sshd.service
rm -rf /lib/systemd/system/sshd.service

拷贝新的执行脚本

systemctl daemon-reload
cp /root/openssh-8.6p1/contrib/redhat/sshd.init /etc/init.d/sshd

重启服务，添加开机启动即可

/etc/init.d/sshd restart
systemctl status sshd
chkconfig --add sshd
chkconfig --list sshd

rpm依赖安装：rpm -Uvh --force --nodeps *.rpm 

perl安装：./Configure -des -D prefix=/usr/local/