openssh下载链接:https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
查看ssh版本
ssh -V
# OpenSSH_9.0p1, OpenSSL 1.0.2k-fips 26 Jan 2017
创建一个openssh文件夹存放文件
mkdir openssh
安装依赖
yum install -y wget gcc pam-devel libselinux-devel zlib-devel openssl-devel
检查依赖
rpm -qa wget gcc pam-devel libselinux-devel zlib-devel openssl-devel
# libselinux-devel-2.5-15.el7.x86_64
# openssl-devel-1.0.2k-25.el7_9.x86_64
# wget-1.14-18.el7_6.1.x86_64
# pam-devel-1.1.8-23.el7.x86_64
# zlib-devel-1.2.7-20.el7_9.x86_64
# gcc-4.8.5-44.el7.x86_64
将openssh安装包放到openssh文件夹中,并解压
tar -zxvf openssh-9.0p1.tar.gz
在openssh文件夹,备份原来的配置文件
cp /etc/ssh/sshd_config sshd_config.backup
cp /etc/pam.d/sshd sshd.backup
卸载原来的openssh
rpm -e --nodeps `rpm -qa | grep openssh`
rpm -qa openssh
进入解压的openssh文件夹,编译安装
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-tcp-wrappers --with-ssl-dir=/usr/local/ssl --without-hardening
make && make install
调整文件夹权限
chmod 600 /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key
复制配置文件
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
chmod u+x /etc/init.d/sshd
mv ../sshd.backup /etc/pam.d/sshd
mv ../sshd_config.backup /etc/ssh/sshd_config
# 会询问是否覆盖,确认覆盖
添加添加自启服务ssh到开机启动项
chkconfig --add sshd
chkconfig sshd on
重启sshd服务
systemctl restart sshd
可能重启报错:
Job for sshd.service failed because the control process exited
查看报错信息:
/usr/sbin/sshd -T
systemctl status sshd
journalctl -xe