1.原环境:
cat /etc/issue
CentOS release 6.5 (Final)
ssh -V
OpenSSH_7.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
2.备份ssh目录:
cp -rf /etc/ssh /etc/ssh.bak
3.首先查看本机telnet安装情况,如有输出则无需再进行安装:rpm -qa telnet-server
4.如无telnet则需进行安装,避免ssh升级出现问题,无法远程管理:yum install telnet-server
(安装好telnet后,为确保安全,需提前测试是否能在windows系统下telnet连接至linux服务器)
5.修改配置文件:
vi /etc/xinetd.d/telnet service telnet { flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin/in.telnetd log_on_failure += USERID disable = no }
默认不允许root登录,
vi /etc/securetty增加
pts/0 pts/1 pts/2
/etc/init.d/xinetd restart
这样root可以telnet登录了 6.解压安装ssh:openssh7.4的安装包:http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/找到openssh-7.4p1.tar.gz 下载即可 tar -zxvf openssh-7.4p1.tar.gz cd openssh-7.4p1 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-md5-passwords --with-tcp-wrappers(在执行以上这条命令时,如出现error的错误,代表这里缺少依赖包,可根据不同提示信息进行下载安装,缺少包的情况会有:zlib、openssl-devel、pam等) make make install 安装成功后会提示:/etc/ssh/ssh_config already exists, install will not overwrite/etc/ssh/sshd_config already exists, install will not overwrite/etc/ssh/moduli already exists, install will not overwritessh-keygen: generating new host keys: ECDSA ED25519 /usr/sbin/sshd -t -f /etc/ssh/sshd_config/etc/ssh/sshd_config line 81: Unsupported option GSSAPIAuthentication/etc/ssh/sshd_config line 83: Unsupported option GSSAPICleanupCredentials
7.修改配置文件,允许root登录:vi /etc/ssh/sshd_config #PermitRootLogin yes 修改为 PermitRootLogin yes 命令:sed -i ‘/^#PermitRootLogin/s/#PermitRootLogin yes/PermitRootLogin yes/‘ /etc/ssh/sshd_config
8.重启opensshservice sshd restart 9.查看升级后的版本:ssh -V OpenSSH_7.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013 原文出处:http://blog.csdn.net/zhangguoliang521/article/details/62042306
原文地址:https://www.cnblogs.com/dukeShi/p/8134061.html
时间: 2024-07-29 20:37:23