赞
踩
下载相关的包
#openssh
wget --no-check-certificate https://mirrors.aliyun.com/pub/OpenBSD/OpenSSH/portable/openssh-9.3p2.tar.gz
#zlib:wget --no-check-certificate http://www.zlib.net/zlib-1.3.1.tar.gz
#openssl:wget --no-check-certificate https://www.openssl.org/source/openssl-3.1.2.tar.gz
安装依赖
apt update
apt install -y g++ perl make libpam0g-dev build-essential
在升级SSH过程中,确保Telnet能够连接服务器是为了提供远程访问方式(以防ssh升级失败,导致无法连接服务器)。需要注意的是,由于Telnet的不安全性,应尽量减少在正式环境中使用Telnet,并在SSH升级完成&恢复正常的SSH远程访问后关闭Telnet。
apt install openbsd-inetd telnetd telnet -y
systemctl restart openbsd-inetd
systemctl status openbsd-inetd
netstat -anpt|grep 23
测试是否可以通过Telnet成功登陆
卸载原openssh:apt-get autoremove openssh-server openssh-client -y
tar zxvf zlib-1.3.tar.gz
cd zlib-1.3/
./configure --shared
make && make install
#解压
tar zxvf openssl-3.1.2.tar.gz
cd openssl-3.1.2
#编译安装
./config --prefix=/usr/local/openssl shared zlib
sudo make depend
sudo make && make install
#备份原来的openssl,创建软链接到系统位置
sudo mv /usr/bin/openssl /usr/bin/openssl.bak
sudo ln -sv /usr/local/openssl/bin/openssl /usr/bin/openssl
#更新动态链接库数据
echo “/usr/local/openssl/lib” >>sudo /etc/ld.so.conf
sudo ldconfig -v
openssl version
期间出现的错误及解决办法:
#openssl version
openssl: /lib/x86_64-linux-gnu/libcrypto.so.3: version `OPENSSL_3.0.9’ not found (required by openssl)
#cp libcrypto.so.3 /lib/x86_64-linux-gnu/libcrypto.so.3
#openssl version
基础依赖参考以上内容
sudo apt-get install zlib1g-dev -y
tar zxvf openssh-9.3p2.tar.gz
cd openssh-9.3p2
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --without-zlib-version-check --with-ssl-dir=/usr/local/openssl/ --with-privsep-path=/var/lib/ssh
重点:如果这个config过程中报错configure: error: PAM headers not found,说明一开始的pam依赖没装好
需要重新安装pam: apt-get install libpam0g-dev
make && make install
ssh -V
取消屏蔽SSH服务并启动
systemctl unmask ssh.service
systemctl restart sshd
如果启动sshd出现错误:如图
尝试重新加载systemd的配置文件,然后再次尝试重新启动服务:
sudo systemctl daemon-reload
sudo systemctl restart sshd
systemctl status sshd
关闭Telnet
systemctl status openbsd-inetd
systemctl disable openbsd-inetd
systemctl stop openbsd-inetd
systemctl status openbsd-inetd
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。