#/bin/bash
#Now start update openssh and openssl new version
#################解决yum安装找不到配置文件
cd /var/lib/rpm
rm -rf __db*
rpm --rebuilddb
#####解决yum重建数据库后仍无效安装,杀死rpm相关进程
ps -ef |grep rpm |grep -v grep | awk ‘{print $2}’ |xargs kill -9
############解决ssh升级session失效的问题
cat /etc/redhat-release
ssh -V
yum -y install telnet-server.x86_64 xinetd.x86_64
systemctl enable telnet.socket && systemctl start telnet.socket
systemctl start xinetd && systemctl status telnet.socket
useradd telnet-user
passwd telnet-user
#####下载openssl
cd /usr/local/src
wget -c https://www.openssl.org/source/openssl-1.1.1w.tar.gz --no-check-certificate
#####安装openssl,准备依赖库安装
yum remove openssh -y
cd /etc/ssh
rm -rf *
yum -y install zlib*
yum -y install pam-*
yum -y install perl-*
yum -y install gcc
yum -y install pam-devel
yum -y install zlib-devel
cd /usr/local/src
tar xzvf openssl-1.1.1w.tar.gz
cd /usr/local/src/openssl-1.1.1w/
./config --prefix=/usr/local/openssl
make && make install
ln -sf /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/lib/libssl.so.1.1 /usr/lib64/libssl.so.1.1
ln -s /usr/local/openssl/lib/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1
openssl version
#################下载并安装openssh-9.4p1
cd /usr/local/src
wget -c https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.4p1.tar.gz --no-check-certificate
#######
tar xzvf openssh-9.4p1.tar.gz
ll
cd openssh-9.4p1/
ll
./configure --prefix=/usr/ --sysconfdir=/etc/ssh --with-openssl-includes=/usr/local/openssl/include --with-ssl-dir=/usr/local/openssl --with-zlib --with-md5-passwords --with-pam
make -j4 && make install
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
#echo "AuthorizedKeysFile .ssh/authorized_keys" >> /etc/ssh/sshd_config
#echo "Subsystem sftp /usr/libexec/sftp-server" >> /etc/ssh/sshd_config
cd /usr/local/src/openssh-9.4p1
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
chmod u+x /etc/init.d/sshd
chkconfig --add sshd
systemctl restart sshd && systemctl status sshd
ssh -V && netstat -anltp | grep sshd | head
systemctl disable telnet.socket && systemctl stop telnet.socket
yum remove telnet-server -y
####解决3.144 systemctl restart sshd 超时启动
systemctl stop ssh.service
systemctl stop sshd
rm /lib/systemd/system/sshd.service
systemctl daemon-reload
cp /usr/local/src/openssh-9.4p1/contrib/redhat/sshd.init /etc/init.d/
systemctl start sshd
systemctl status sshd
