Linux下openssh升级
1:因为openssh需要openssl,所以先更新openssl,下载openssl,
http://www.openssl.org/source/
|
,我下载的是
3459643 Sep 15 16:35:55 2008 openssl-0.9.8i.tar.gz (MD5) (SHA1) (PGP sign) [LATEST]
|
我现在的版本是:openssl-0.9.7,想把它升级到 openssl-0.9.8
2:我下载的是
openssl-0.9.8i.tar.gz, 放到/home/software下
tar -zxvf openssl-0.9.8i.tar.gz
cd openssl-0.9.8i
|
./config shared zlib --prefix=/usr/local/openssl
make
make install which openssl会发现openssl在/usr/bin目录下
mv /usr/bin/openssl /usr/bin/openssl.bak
mv /usr/include/openssl /usr/include/openssl.bak
cd /usr/bin
ln -s /usr/local/openssl/bin/openssl openssl
cd /usr/include
ln -s /usr/local/openssl/include/openssl openssl
然后openssl version -a输出如下:
|
OpenSSL 0.9.8i 15 Sep 2008
builton:MonDec115:35:49CST2008
platform:linux-elf
options:bn(64,32)md2(int)rc4(idx,int)des(ptr,risc1,16,long)idea(int)blowfish(idx)
compiler:gcc-fPIC-DOPENSSL_PIC-DZLIB-DOPENSSL_THREADS-D_REENTRANT-DDSO_DLFCN-DHAVE_DLFCN_H-DL_ENDIAN-DTERMIO-O3-fomit-frame-pointer-Wall-DOPENSSL_BN_ASM_PART_WORDS-DOPENSSL_IA32_SSE2-DSHA1_ASM-DMD5_ASM-DRMD160_ASM-DAES_ASM
OPENSSLDIR:"/usr/local/openssl/ssl"
|
3:echo"/usr/local/openssl/lib">>/etc/ld.so.conf
ldconfig
4:下载openssh(forlinux),我下载的版本是:
openssh-5.1p1.tar.gz ,放到/home/software目录下
tar -zxvf openssh-5.1pl.tar.gz
cd openssh-5.1pl
|
./configure --prefix=/usr/local/openssh --sysconfdir=/usr/local/openssh/etc/ssh --with-pam --with-zlib=/us r/local/zlib --with-ssl-dir=/usr/local/openssl --with-md5-passwords --mandir=/usr/share/man
make
make install
即可成功将openssh成功安装。
|
3:先查看sshd是否已经启动,netstat-antl|grep22,若有输出,则表示sshd服务已经启动。
可用ssh-v查询老的版本号,用servicesshdstop将服务停掉。然后有chkconfigsshdoff将其设置为不随系统开机启动(一般情况下默认此服务随系统开机启动)
4:vi/etc/profile,在该文件的最后加入:
export PATH=/usr/local/openssh/bin:$JAVA_HOME/bin:$PATH ,注意必须把$PATH放在后半部分
然后 source /etc/profile使之立刻生效
|
5:将sshd设置成开机启动:
/etc/rc.d/rc5.d
ln -s /usr/local/openssh/sbin/sshd S99sshd
|
6:测试openssh是否成功更新:(启动sshd服务用:
/usr/local/openssh/sbin/sshd,如果没有错误输出,然后用netstat-antl|grep22查看sshd服务是否已经启动,若成功如下:)
[root@qingheliu bin]# netstat -antl | grep 22
tcp000.0.0.0:220.0.0.0:*LISTEN
[root@qingheliubin]#
|
ssh -v 输出如下:注意红色字体部分, 显然表示已经成功更新
[root@qingheliu bin]# ssh -v
OpenSSH_5.1p1,OpenSSL0.9.8i15Sep2008
usage:ssh[-1246AaCfgKkMNnqsTtVvXxY][-bbind_address][-ccipher_spec]
[-D[bind_address:]port][-eescape_char][-Fconfigfile]
[-iidentity_file][-L[bind_address:]port:host:hostport]
[-llogin_name][-mmac_spec][-Octl_cmd][-ooption][-pport]
[-R[bind_address:]port:host:hostport][-Sctl_path]
[-w local_tun[:remote_tun]] [user@]hostname [command |