openEuler-22.03-LTS-SP1 RPM升级 OpenSSH9.2p1 - Linux

TOP

openEuler-22.03-LTS-SP1 RPM升级 OpenSSH9.2p1

2023-07-23 13:40:45 【大中小】浏览:19次

Tags：openEuler-22.03-LTS-SP1 RPM 升级 OpenSSH9.2p1

# 安装rpm编译环境

dnf install -y rpm-build vim gcc gcc-c++ glibc glibc-devel openssl-devel openssl pcre pcre-devel zlib zlib-devel make wget krb5-devel pam-devel libX11-devel xmkmf libXt-devel initscripts libXt-devel imake gtk2-devel lrzsz --downloadonly --downloaddir=/opt/software/package/rpm-build

rpm -Uvh --force --nodeps /opt/software/package/rpm-build/*.rpm

# 创建几个目录备用

mkdir -pv /root/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}

# 下载openssh源码包

cd /root/rpmbuild/SOURCES/ 

wget https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.2p1.tar.gz --no-check-certificate

# 解压源码包

tar -zxvf openssh-9.2p1.tar.gz -C /root/rpmbuild/SPECS/

# 备份sshd.init和sshd.pam

cd /root/rpmbuild/SPECS/openssh-9.2p1/contrib/redhat/

cp sshd.init sshd.init.old

cp sshd.pam sshd.pam.old

# 备份后重新打包替换掉/root/rpmbuild/SOURCES/openssh-9.2p1.tar.gz

cd /root/rpmbuild/SPECS

tar -czf openssh-9.2p1.tar.gz openssh-9.2p1/

rm -f /root/rpmbuild/SOURCES/openssh-9.2p1.tar.gz

mv openssh-9.2p1.tar.gz /root/rpmbuild/SOURCES/openssh-9.2p1.tar.gz

# 修改相关文件内容(预防编译报错)

cd /root/rpmbuild/SPECS/openssh-9.2p1/contrib/redhat/

sed -i -e "s/%global no_gnome_askpass 0/%global no_gnome_askpass 1/g" openssh.spec

sed -i -e "s/%global no_x11_askpass 0/%global no_x11_askpass 1/g" openssh.spec

sed -i '/openssl-devel < 1.1/s/^/#/' openssh.spec

# 编译打包

rpmbuild -bb /root/rpmbuild/SPECS/openssh-9.2p1/contrib/redhat/openssh.spec

# 如果打包失败,可以卸载重装openssl-devel,再用上面的代码打包:

yum remove -y openssl-devel

yum install -y openssl-devel

# 打包成功后就可以安装包了(不是每个包都必须安装)

cd /root/rpmbuild/RPMS/x86_64/

dnf -y install openssh-9.2p1-1.x86_64.rpm openssh-clients-9.2p1-1.x86_64.rpm openssh-server-9.2p1-1.x86_64.rpm

# 如果无法安装,可以先卸载旧版的SSh

dnf remove -y openssh*

# 最后查看ssh版本,大功告成

ssh -v

#关闭selinux

setenforce 0

vi /etc/selinux/config

SELINUX=disabled

#修改/etc/ssh/sshd_config配置文件vim /etc/ssh/sshd_config


PermitRootLogin yes

UsePAM no

#开启ssh服务
systemctl start sshd

# 如果无法开启服务,可以用sshd -T查看错误原因,如下图提示/etc/ssh/sshd_config配置文件142,144,159行有问题,那么直接进去注释掉

#RSAAuthentication yes
#RhostsRSAAuthentication no
#GSSAPIKexAlgorithms gss-group14-sha256-,gss-group16-sha512-,gss-curve25519-sha256-

# 如果sshd -T 如下图提示rsa文件权限不足,那么直接给权限就行。

chmod 700 /etc/ssh/ssh_host_rsa_key
chmod 700 /etc/ssh/ssh_host_ed25519_key
chmod 700 /etc/ssh/ssh_host_ecdsa_key


【大中小】【打印】【繁体】【投稿】【收藏】【推荐】【举报】【评论】【关闭】【返回顶部】

上一篇：黑群辉重启成功但是无法远程	下一篇：记一次jenkins 解决 Host key ver..