openssh rpm 工具构建

编译工具下载配置

wget https://gitee.com/boforest/boforest/raw/master/OpenSSH/openssh-rpms-main.zip
unzip openssh-rpms-main.zip
cd openssh-rpms-main/

修改OpenSSL版本

$ pwd
/opt/openssh-rpms-main
$ vim version.env

将下载的源码包放到downloads目录

$ pwd
/opt/openssh-rpms-main/downloads
$ ls
openssh-9.8p1.tar.gz  openssl-3.2.3.tar.gz  x11-ssh-askpass-1.2.4.1.tar.gz

修改openssh.spec文件

vim el7/SPECS/openssh.spec

install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/bin/ssh-copy-id

%attr(0755,root,root) %{_bindir}/ssh-copy-id

下载编译工具和依赖

yum groupinstall -y "Development Tools"
yum install -y make rpm-build pam-devel krb5-devel zlib-devel libXt-devel libX11-devel gtk2-devel perl

./compile.sh   #运行

 生产rpm包的位置

$ ls el7/RPMS/x86_64/
openssh-9.8p1-1.el9.x86_64.rpm                    openssh-debugsource-9.8p1-1.el9.x86_64.rpm
openssh-clients-9.8p1-1.el9.x86_64.rpm            openssh-server-9.8p1-1.el9.x86_64.rpm
openssh-clients-debuginfo-9.8p1-1.el9.x86_64.rpm  openssh-server-debuginfo-9.8p1-1.el9.x86_64.rpm
openssh-debuginfo-9.8p1-1.el9.x86_64.rpm

升级OpenSSH

备份原有配置

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
cp /etc/pam.d/sshd /etc/pam.d/sshd.backup
cp /etc/pam.d/system-auth  /etc/pam.d/system-auth.backup

安装

$ pwd
/opt/openssh-rpms-main/el7/RPMS/x86_64
$ yum localinstall -y openssh-*.rpm

chmod 0600 /etc/ssh/ssh_host_rsa_key
chmod 0600 /etc/ssh/ssh_host_ecdsa_key
chmod 0600 /etc/ssh/ssh_host_ed25519_key

还原备份文件

cp /etc/ssh/sshd_config.backup /etc/ssh/sshd_config
cp /etc/pam.d/sshd.backup  /etc/pam.d/sshd
cp /etc/pam.d/system-auth.backup  /etc/pam.d/system-auth

重启服务/修改配置

systemctl restart sshd