Redhat操作系统升级ssh
一、准备工作
1、查看是否安装telnet
rpm -qa|grep telnet
rpm -qa|grep xinetd
2、从别的系统上使用ftp或者scp进行拷贝telnet
ftp 135.191.27.195
mget telnet-server-0.17-47.el6_3.1.x86_64.rpm telnet-0.17-47.el6_3.1.x86_64.rpm
(Redhat6.4 X64)
rpm -ivh xinetd-2.3.14-38.el6.x86_64.rpm
rpm -ivh telnet-0.17-47.el6_3.1.x86_64.rpm
rpm -ivh telnet-server-0.17-47.el6_3.1.x86_64.rpm
3、修改配置文件
修改系统安全配置文件
mv /etc/securetty /etc/securetty.bak
修改telnet配置文件
vi /etc/xinetd.d/telnet
将disable改为no
(2)vi /etc/pam.d/login
将pam_securetty.so这一行加上注释
重启Xinetd服务
service xinetd restart
二、升级SSH
ftp拷贝SSH和SSL安装包
ftp 135.191.27.195
mget openssh-6.7p1.tar.gz openssl-1.0.1h.tar.gz zlib-1.2.8.tar.gz
开始升级
service sshd stop
cp /etc/init.d/sshd /root/
rpm -e openssh –-nodeps (强制卸载openssh包)
rpm -e openssh-server –-nodeps (强制卸载openssh-server包)
rpm -e openssh-clients –-nodeps (强制卸载openssh-clients包)
rpm -e openssh-askpass (卸载openssh-askpass包)
chmod -R 777 *
cd /mnt
tar -zxvf zlib-1.2.8.tar.gz (解压包)
cd zlib-1.2.8
./configure (对即将安装的所有软件包进行配置,检查当前环境是否满足安装依赖关系)
make (从makefile中读取指令,然后进行编译)
make install (从makefile中读取指令,然后进行安装)
cd /mnt
tar -zxvf openssl-1.0.1h.tar.gz (解压包)
cd openssl-1.0.1h
./config shared zlib (调用zlib库创建共享文件库)
make
make install
mv /usr/bin/openssl /usr/bin/openssl.1FF
mv /usr/include/openssl /usr/include/openssl.1FF
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl (创建软链接文件)
ln -s /usr/local/ssl/include/openssl /usr/include/openssl
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf (更新动态链接库数据)
/sbin/ldconfig –v (扫描目录,创建链接)
mv /etc/ssh /etc/ssh_bak
cd /mnt
tar -zxvf openssh-6.7p1.tar.gz
cd openssh-6.7p1
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-zlib --with-ssl-dir=/usr/local/ssl --with-md5-passwords --mandir=/usr/share/man (指定安装位置、目录为下一步make做准备)
make
make install
cp -p contrib/redhat/sshd.init /etc/init.d/sshd
chmod +x /etc/init.d/sshd
chkconfig --add sshd (在chkconfig工具服务列表中增加此服务)
cp sshd_config /etc/ssh/sshd_config
y
cp sshd /usr/sbin/sshd
y
三、重启SSH服务并检查
service sshd restart
ssh -V
四、关闭telnet(参考第一步)
mv /etc/securetty.bak /etc/securetty
vi /etc/xinetd.d/telnet
vi /etc/pam.d/login
service xinetd restart
ssh升级包可以到附件下载!