{"id":173,"date":"2021-03-23T10:20:43","date_gmt":"2021-03-23T02:20:43","guid":{"rendered":"http:\/\/feel.name\/?p=173"},"modified":"2021-03-23T10:20:43","modified_gmt":"2021-03-23T02:20:43","slug":"centos%e5%8d%87%e7%ba%a7openssh%e5%92%8copenssl","status":"publish","type":"post","link":"http:\/\/feel.name\/?p=173","title":{"rendered":"centos\u5347\u7ea7openssh\u548copenssl"},"content":{"rendered":"\n

\u5347\u7ea7\u524d\u505a\u597d\u51c6\u5907\uff0c\u4e0b\u8f7d\u597dopenssl\u548copenssh<\/p>\n\n\n\n

openssh\u4e0b\u8f7d\u5730\u5740 \u6700\u65b0\u7248\u76ee\u524d8.5p1 https:\/\/openbsd.hk\/pub\/OpenBSD\/OpenSSH\/portable\/<\/p>\n\n\n\n

openssl\u4e0b\u8f7d\u5730\u5740 \u76f4\u63a5\u5b98\u7f51\u64b8\u5c31\u597d https:\/\/www.openssl.org\/source\/openssl-1.1.1j.tar.gz<\/p>\n\n\n\n

\u7cfb\u7edf\u7248\u672ccentos7.8 \u6309\u81ea\u5df1\u7684\u9700\u6c42\u53bb\u4e0b\u8f7d<\/p>\n\n\n\n

\u7cfb\u7edf\u9700\u8981\u5b89\u88c5\u7f16\u8bd1\u6240\u9700\u7684gcc<\/p>\n\n\n\n

yum install net-tools lrzsz zlib-devel openssl-devel wget curl telnet ncurses ncurses-devel gcc gcc-c++ autoconf automake -y<\/p>\n\n\n\n

yum install perl pam-devel -y<\/p>\n\n\n\n

\u8fdc\u7a0b\u5347\u7ea7\u8bb0\u5f97\u7528\u5230telnet \u9700\u8981\u5b89\u88c5telnet\u670d\u52a1<\/p>\n\n\n\n

yum install telnet telnet-server xinetd -y<\/p>\n\n\n\n

\u6682\u65f6\u6211\u4eec\u672c\u5730\u76f4\u63a5\u5347\u7ea7\uff0c\u6240\u4ee5\u4e0d\u8bf4telnet\u6709\u5173\u7684\u4e8b<\/p>\n\n\n\n

\u5347\u7ea7openssl<\/p>\n\n\n\n

1.\u5907\u4efdopenssl
find \/ -name openssl
mv \/usr\/bin\/openssl \/usr\/bin\/openssl.old
mv \/usr\/lib64\/openssl \/usr\/lib64\/openssl.old
mv \/etc\/pki\/ca-trust\/extracted\/openssl \/etc\/pki\/ca-trust\/extracted\/openssl.old
\u4ee5\u4e0b\u5e93\u6587\u4ef6\u5fc5\u987b\u5907\u4efd\uff0c\u9632\u6b62\u5347\u7ea7\u8fc7\u7a0b\u51fa\u73b0\u95ee\u9898\uff0c\u5bfc\u81f4yum\u3001wget\u7b49\u5931\u6548\u65e0\u6cd5\u4f7f\u7528
cp \/usr\/lib64\/libcrypto.so.10 \/usr\/lib64\/libcrypto.so.10.old
cp \/usr\/lib64\/libssl.so.10 \/usr\/lib64\/libssl.so.10.old
2.\u5220\u9664\u539fopenssl
rpm -qa|grep openssl
rpm -qa|grep openssl|xargs -i rpm -e nodeps {}
\u4e5f\u53ef\u4ee5rpm -e nodeps \u7b2c\u4e00\u6761\u8bed\u53e5\u68c0\u6d4b\u51fa\u7684\u5305
3.\u5b89\u88c5\u65b0openssl
tar -zxvf openssl-1.1.1c.tar.gz
.\/config –prefix=\/usr –openssldir=\/etc\/ssl –shared zlib #\u8fd9\u4e00\u6b65\u5982\u679c\u62a5\u9519\u5f88\u53ef\u80fd\u662fzlib\u7248\u672c\u672a\u5347\u7ea7
make
make install
openssl version -a #\u67e5\u770b\u662f\u5426\u5347\u7ea7\u5230\u65b0\u7248\u672c#
<\/p>\n\n\n\n

<\/p>\n\n\n\n

\u5347\u7ea7openssh<\/p>\n\n\n\n

1.\u5907\u4efd\u5f53\u524dopenssh
mv \/etc\/ssh \/etc\/ssh.old
2.\u5378\u8f7d\u5f53\u524dopenssh
rpm -qa|grep openssh
rpm -qa|grep openssh|xargs -i rpm -e –nodeps {}
3.openssh\u5b89\u88c5\u524d\u73af\u5883\u914d\u7f6e
install -v -m700 -d \/var\/lib\/sshd #\u521b\u5efa\u76ee\u5f55\u5e76\u6388\u6743700\u6743\u9650
chown -v root:sys \/var\/lib\/sshd
4.\u5f00\u59cb\u5b89\u88c5
tar -xvf openssh-8.4p1.tar #\u89e3\u538b\u5b89\u88c5\u5305#
cd openssh-8.4p1
.\/configure –prefix=\/usr –sysconfdir=\/etc\/ssh –with-md5-passwords –with-pam –with-zlib –with-openssl-includes=\/usr –with-privsep-path=\/var\/lib\/sshd
make
make install
5.\u5b89\u88c5\u540e\u73af\u5883\u914d\u7f6e
install -v -m755 contrib\/ssh-copy-id \/usr\/bin
install -v -m644 contrib\/ssh-copy-id.1 \/usr\/share\/man\/man1
install -v -m755 -d \/usr\/share\/doc\/openssh-8.4p1
install -v -m644 INSTALL LICENCE OVERVIEW README* \/usr\/share\/doc\/openssh-8.4p1
6.\u67e5\u770b\u662f\u5426\u5347\u7ea7\u6210\u529f
ssh -V
7.\u542f\u7528openssh\u670d\u52a1
echo \u2018X11Forwarding yes\u2019 >> \/etc\/ssh\/sshd_config
echo \u201cPermitRootLogin yes\u201d >> \/etc\/ssh\/sshd_config #\u5141\u8bb8root\u7528\u6237\u901a\u8fc7ssh\u767b\u5f55
cp -p contrib\/redhat\/sshd.init \/etc\/init.d\/sshd
chmod +x \/etc\/init.d\/sshd
chkconfig –add sshd
chkconfig sshd on
chkconfig –list sshd
service sshd restart
<\/p>\n","protected":false},"excerpt":{"rendered":"

\u5347\u7ea7\u524d\u505a\u597d\u51c6\u5907\uff0c\u4e0b\u8f7d\u597dopenssl\u548copenssh openssh\u4e0b\u8f7d\u5730\u5740 \u6700\u65b0\u7248\u76ee\u524d8.5p1 https…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-173","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"http:\/\/feel.name\/index.php?rest_route=\/wp\/v2\/posts\/173","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/feel.name\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/feel.name\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/feel.name\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/feel.name\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=173"}],"version-history":[{"count":1,"href":"http:\/\/feel.name\/index.php?rest_route=\/wp\/v2\/posts\/173\/revisions"}],"predecessor-version":[{"id":174,"href":"http:\/\/feel.name\/index.php?rest_route=\/wp\/v2\/posts\/173\/revisions\/174"}],"wp:attachment":[{"href":"http:\/\/feel.name\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=173"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/feel.name\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=173"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/feel.name\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=173"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}