1.更新openssh
##### openssh升级到8.6命令
# 安装依赖
apt-get install -y aptitude
aptitude install -f libpam0g-dev libselinux1-dev
apt-get install -y libssl-dev zlib1g-dev
# 备份ssh配置
cp -rf /etc/ssh /etc/ssh.bak
# 设置文件权限
chmod 600 /etc/ssh/ssh_host_rsa_key
chmod 600 /etc/ssh/ssh_host_ecdsa_key
chmod 600 /etc/ssh/ssh_host_ed25519_key
# 配置sshd配置
sed -i ‘s/^#PermitRootLogin yes/PermitRootLogin yes/’ /etc/ssh/sshd_config
sed -i ‘s/^GSSAPIAuthentication/#&/’ /etc/ssh/sshd_config
sed -i ‘s/^GSSAPICleanupCredentials/#&/’ /etc/ssh/sshd_config
sed -i ‘s/^UsePAM/#&/’ /etc/ssh/sshd_config
# 配置service, 取消notify
sed -i ‘s/^Type/#&/’ /lib/systemd/system/ssh.service
# 下载包
wget https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.6p1.tar.gz
tar zxf openssh-8.6p1.tar.gz
# 编译安装
cd openssh-8.6p1
./configure –prefix=/usr –with-privsep-path=/var/empty/sshd/ \
–sysconfdir=/etc/ssh –with-ssl-dir=/usr/local/openssl/ \
–with-default-path=/usr/local/bin:/bin:/usr/bin \
–with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
–with-pam –with-selinux –disable-strip –with-md5-passwords
make
make install
# 重启服务
systemctl daemon-reload
systemctl restart sshd
# 现在版本
ssh -V
————————————————
版权声明:本文为CSDN博主「GF_1205」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/GF_1205/article/details/115708434
2.更新OpenSSL
echo /usr/local/openssl/lib >> /etc/ld.so.conf
ldconfig