升级openssh

1.原来版本

 漏洞版本

2.安装依赖包

 yum -y install gcc pam-devel zlib-devel openssl-devel

 rpm -qa grep "gcc|make|zlib|zlib-devel|pam|pam-devel|openssl|openssl-devel"

3

tar -zxvf openssh-8.0p1.tar.gz

cd openssh-8.0p1

cp -r /etc/ssh /etc/ssh.bak

./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-md5-passwords --with-ssl-dir=/usr/local/openssl --with-openssl-includes=/usr/local/openssl/include/ --with-ssl-lib=/usr/local/openssl/lib

// 在此处可以指定openssl和zlib位置,如果未指定则是用系统默认的OpenSSL和zllib

make

make install

mv /etc/ssh /etc/ssh.old

mv /etc/ssh.bak /etc/ssh

 

4.

sed -i '/^GSSAPICleanupCredentials/s/GSSAPICleanupCredentials yes/#GSSAPICleanupCredentials yes/' /etc/ssh/sshd_config

 sed -i '/^GSSAPIAuthentication/s/GSSAPIAuthentication yes/#GSSAPIAuthentication yes/' /etc/ssh/sshd_config

 sed -i '/^GSSAPIAuthentication/s/GSSAPIAuthentication no/#GSSAPIAuthentication no/' /etc/ssh/sshd_config

 

service sshd restart

ssh -V

 

posted @ 2020-09-18 11:32  明天pk昨天  阅读(115)  评论(0)    收藏  举报