首页 › RedHat/Centos论坛 › CentOS openssh 升级教程

红兴 發表於 2023-12-25 13:24:00

CentOS openssh 升级教程

<p>openssh 下载地址</p>
<p>https://www.openssh.com/openbsd.html</p>
<p>&nbsp;</p>
<ul>
<li>
<h3>OpenSSH 9.6: December 18, 2023</h3>
<p>https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-9.6.tar.gz</p>
<pre># cd /usr/src/usr.bin
# tar zxvf .../openssh-9.6.tar.gz
# cd ssh
# make obj
# make cleandir
# make depend
# make
# make install
# cp ssh_config sshd_config /etc/ssh # (optional)
</pre>
and restart sshd.</li>
</ul>
<p>先查看系统版本</p>
<p>在 Ubuntu/Debian、CentOS/RHEL 系统上，你可以使用不同的命令来查看 Linux 系统的版本信息。</p>
<p>1. 查看 Ubuntu/Debian 版本：<br>```<br>lsb_release -a<br>```</p>
<p>或者<br>```<br>cat /etc/os-release<br>```</p>
<p>这些命令将输出包含系统版本信息的文本，其中包括发行版名称、发行版版本和系统内核版本等。</p>
<p>2. 查看 CentOS/RHEL 版本：<br>```<br>cat /etc/redhat-release<br>```</p>
<p>这个命令将直接输出 CentOS 或 RHEL 的版本信息。</p>
<p>除了上面这些命令外，你还可以使用以下命令来获取系统内核版本：</p>
<p>```<br>uname -a<br>```</p>
<p>这个命令将输出包含内核版本的详细信息。</p>
<p>请根据你所使用的具体 Linux 发行版本选择适当的命令查看系统版本信息。</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>可以使用hostnamectl该命令查看系统</p>
<p>hostnamectl</p>
<p><img src="https://img2023.cnblogs.com/blog/2730054/202312/2730054-20231225133541093-258080702.png"></p>
<p>&nbsp;我的是</p>
<div class="_no-spacing_lzhxo_29" data-module="">
<p class="_paragraph_lzhxo_2 cu-line-clamp-default md">AnolisOS 8系统</p>
<p class="_paragraph_lzhxo_2 cu-line-clamp-default md">&nbsp;</p>
<div>
<div>
<p>升级需要关闭防火墙服务；关闭selinux服务；<br>
升级过程中需要刷新lib库：ldconfig -v；<br>
升级顺序：顺序是zlib库-&gt; libressl -&gt; openssh；<br>
升级需要gcc、make、perl、zlib、zlib-devel、pam、pam-devel依赖包；</p>
<h3>一、安装包准备：</h3>
<table>
<thead>
<tr><th>软件</th><th>版本</th><th>下载地址</th>
</tr>




</thead>
<tbody>
<tr>
<td>openssh</td>
<td>9.6p1</td>
<td>https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.6p1.tar.gz</td>


</tr>
<tr>
<td>zlib</td>
<td>1.3</td>
<td>https://zlib.net/zlib-1.3.tar.gz</td>


</tr>
<tr>
<td>libressl</td>
<td>3.8.2</td>
<td>https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.8.2.tar.gz</td>


</tr>


</tbody>


</table>
<h3>二、升级前环境准备</h3>
<h5>1、将上文下载的三个文件上传至服务器，目录可自行设定，方便即可。</h5>
<p>zlib-1.3.tar.gz<br>
libressl-3.8.2.tar.gz<br>
openssh-9.6p1.tar.gz</p>
<h5>2、关闭系统防火墙</h5>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-css"><code class="language-css">systemctl stop firewalld.service
</code></pre>
</div>
<h5>3、关闭SElinux</h5>
<p>检查是否关闭：<br>
getenforce<br>
如果未关闭，关闭之<br>
setenforce 0<br>
上面只是临时关闭了，重启后不生效。下面改配置文件，使永久生效。</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-undefined"><code class="language-undefined">vi /etc/selinux/config
修改：
　　SELINUX=disabled
保存退出。
</code></pre>
</div>
<div class="image-package">
<div class="image-container">
<div class="image-container-fill">
<p><img src="https://img2023.cnblogs.com/blog/2730054/202312/2730054-20231225134952601-1649947112.png"></p>
<p>&nbsp;</p>
</div>
</div>
</div>
<h5>4、安装相关依赖包</h5>
<p>下载不下来更换源</p>
<p>备份</p>
<p>mv <span class="token operator">/etc<span class="token operator">/yum<span class="token punctuation">.repos<span class="token punctuation">.d<span class="token operator">/AnolisOS-BaseOS.repo<span class="token operator"><span class="token punctuation">&nbsp;<span class="token operator">/etc<span class="token operator">/yum<span class="token punctuation">.repos<span class="token punctuation">.d<span class="token operator">/AnolisOS-BaseOS.repo<span class="token operator"><span class="token punctuation"><span class="token punctuation">.backup<span class="token punctuation">.<span class="token number">3</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></p>
<p>下载</p>
<p>wget <span class="token operator">-O <span class="token operator">/etc<span class="token operator">/yum<span class="token punctuation">.repos<span class="token punctuation">.d<span class="token operator">/AnolisOS-BaseOS.repo<span class="token operator"><span class="token punctuation">&nbsp;http<span class="token operator">:<span class="token comment">//mirrors.cloud.tencent.com/repo/centos8_base.repo </span></span></span></span></span></span></span></span></span></span></p>
<p>现在阿里云dockece有问题下载不到，用清华源的</p>
<p>cd /etc/yum.repos.d/</p>
<p>wget&nbsp;<span class="token operator">-O&nbsp;<span class="token operator">/etc<span class="token operator">/yum<span class="token punctuation">.repos<span class="token punctuation">.d<span class="token operator">/docker-ce.repo<span class="token operator"><span class="token punctuation">&nbsp;https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo</span></span></span></span></span></span></span></span></p>
<p>&nbsp;</p>
<p><br>注意该文件的源并不是指向清华源，所以需要修改docker-ce.repo</p>
<p>&nbsp;</p>
<p>修改源。修改前面的linux的父目录<br>vim docker-ce.repo<br>原来的：baseurl=https://download.docker.com/linux/centos/7/$basearch/stable<br>原来的：baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/stable<br>vim命令快速修改<br>:%s@https://download.docker.com/@https://mirrors.tuna.tsinghua.edu.cn/docker-ce/@</p>
<p>从源上下载的docker-ce.repo与官方下载的是一样的，需要将文件内容中的download.docker.com也改成mirrors.nju.edu.cn/docker-ce</p>
<p>使用vim编辑配置文件</p>
<p>vim /etc/yum.repos.d/docker-ce.repo<br><br>按i进入编辑模式</p>
<p>按ESC退出编辑模式</p>
<p>退出编辑模式后按“:”进入命令模式</p>
<p>命令模式输入”%s/源字符串/目的字符串/g“批量替换</p>
<p>%s/download.docker.com/mirrors.tuna.tsinghua.edu.cn\/docker-ce/g<br><br>输入后提示有24项被替换</p>
<p>源链接中有“/”字符，需要在其前面加上”\“字符转义</p>
<p>最后的参数g表示全局匹配，有其他的参数可自行百度</p>
<p>命令模式输入wq保存退出<br><br></p>
<p>&nbsp;</p>
<p>---------------------------------------------------------------</p>
<p>首先更新全部</p>
<p>sudo yum update</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-go"><code class="language-go">yum install <span class="token operator">-y wget gcc libselinux<span class="token operator">-devel openssl<span class="token operator">-devel <span class="token builtin">make perl zlib zlib<span class="token operator">-devel pam pam<span class="token operator">-devel
</span></span></span></span></span></span></code></pre>
</div>
<p>安装完毕后执行下面命令，确保所有依赖包正常安装</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-ruby"><code class="language-ruby">rpm <span class="token operator">-qa <span class="token operator">| egrep <span class="token string">"gcc|make|perl|zlib|zlib-devel|pam|pam-devel"
</span></span></span></code></pre>
</div>
<div class="image-package">
<div class="image-container">
<div class="image-container-fill">
<p><img src="https://img2023.cnblogs.com/blog/2730054/202312/2730054-20231225153632374-577525891.png"></p>
<p>&nbsp;</p>
</div>
</div>
</div>
<h3>二、升级前环境准备</h3>
<h5>1、停止ssh服务，备份ssh配置文件</h5>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-undefined"><code class="language-undefined">systemctl stop sshd
cp -r /etc/ssh /etc/ssh.old
</code></pre>
</div>
<p>备份sshd.service文件</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-bash"><code class="language-bash">cat /usr/lib/systemd/system/sshd.service

Description=OpenSSH server daemon
Documentation=man:sshd(8) man:sshd_config(5)
After=network.target sshd-keygen.target
Wants=sshd-keygen.target


Type=notify
EnvironmentFile=-/etc/crypto-policies/back-ends/opensshserver.config
EnvironmentFile=-/etc/sysconfig/sshd
ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=42s


WantedBy=multi-user.target
</code></pre>
</div>
<p>备份opensshserver.config配置文件</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-bash"><code class="language-bash">cat /etc/crypto-policies/back-ends/opensshserver.config
CRYPTO_POLICY='-oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc -oMACs=hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512 -oGSSAPIKexAlgorithms=gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1- -oKexAlgorithms=curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 -oHostKeyAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com -oPubkeyAcceptedKeyTypes=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com -oCASignatureAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa'
</code></pre>
</div>
<p>备份sshd 配置文件</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-ruby"><code class="language-ruby">cat <span class="token operator">/etc<span class="token operator">/sysconfig<span class="token operator">/sshd
<span class="token comment"># Configuration file for the sshd service.

<span class="token comment"># The server keys are automatically generated if they are missing.
<span class="token comment"># To change the automatic creation, adjust sshd.service options for
<span class="token comment"># example usingsystemctl enable sshd-keygen@dsa.serviceto allow creation
<span class="token comment"># of DSA key orsystemctl mask sshd-keygen@rsa.serviceto disable RSA key
<span class="token comment"># creation.

<span class="token comment"># Do not change this option unless you have hardware random
<span class="token comment"># generator and you REALLY know what you are doing

<span class="token constant">SSH_USE_STRONG_RNG<span class="token operator">=<span class="token number">0
<span class="token comment"># SSH_USE_STRONG_RNG=1

<span class="token comment"># System-wide crypto policy:
<span class="token comment"># To opt-out, uncomment the following line
<span class="token comment"># CRYPTO_POLICY=
</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code></pre>
</div>
<h2>这个时候千万不能断开链接</h2>
<h5>2、查看系统原有openssh包</h5>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-ruby"><code class="language-ruby">rpm <span class="token operator">-qa <span class="token operator">| grep openssh
openssh<span class="token operator">-<span class="token number">8.0p1<span class="token operator">-<span class="token number">5.an8<span class="token punctuation">.x86_64
openssh<span class="token operator">-server<span class="token operator">-<span class="token number">8.0p1<span class="token operator">-<span class="token number">5.an8<span class="token punctuation">.x86_64
openssh<span class="token operator">-clients<span class="token operator">-<span class="token number">8.0p1<span class="token operator">-<span class="token number">5.an8<span class="token punctuation">.x86_64
根据上面查询出的结果，卸载系统里原有<span class="token constant">Openssh（一般有三个包，全部卸载）
rpm <span class="token operator">-e <span class="token operator">--nodepsxxxxxxxxxx
rpm <span class="token operator">-e <span class="token operator">--nodeps openssh<span class="token operator">-<span class="token number">8.0p1<span class="token operator">-<span class="token number">5.an8<span class="token punctuation">.x86_64
rpm <span class="token operator">-e <span class="token operator">--nodeps openssh<span class="token operator">-server<span class="token operator">-<span class="token number">8.0p1<span class="token operator">-<span class="token number">5.an8<span class="token punctuation">.x86_64
rpm <span class="token operator">-e <span class="token operator">--nodeps openssh<span class="token operator">-clients<span class="token operator">-<span class="token number">8.0p1<span class="token operator">-<span class="token number">5.an8<span class="token punctuation">.x86_64
卸载完成后执行rpm <span class="token operator">-qa <span class="token operator">| grep openssh，确保没有回显
rpm <span class="token operator">-qa <span class="token operator">| grep openssh
</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code></pre>
</div>
<div class="image-package">
<div class="image-container">
<div class="image-container-fill">&nbsp;</div>
<div class="image-view" data-width="762" data-height="118">
<p><img src="https://img2023.cnblogs.com/blog/2730054/202312/2730054-20231225154228322-132959826.png"></p>
<p>&nbsp;</p>
</div>
</div>
</div>
<br>
<p>卸载openssh-8.0p1 后检查sshd.service 文件，已删除。</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-ruby"><code class="language-ruby">systemctl status sshd
<span class="token constant">Unit sshd<span class="token punctuation">.service could <span class="token keyword">not be found<span class="token punctuation">.
<span class="token punctuation"><span class="token comment"># ll /usr/lib/systemd/system/sshd.service
ls<span class="token punctuation">: 无法访问<span class="token string">'/usr/lib/systemd/system/sshd.service'<span class="token punctuation">: 没有那个文件或目录
<span class="token punctuation"><span class="token comment"># ll /etc/sysconfig/sshd
ls<span class="token punctuation">: 无法访问<span class="token string">'/etc/sysconfig/sshd'<span class="token punctuation">: 没有那个文件或目录
<span class="token punctuation"><span class="token comment"># ll /etc/crypto-policies/back-ends/opensshserver.config
lrwxrwxrwx<span class="token punctuation">. <span class="token number">1 root root <span class="token number">52 <span class="token number">9月<span class="token number">26 <span class="token number">17<span class="token punctuation">:<span class="token number">54 <span class="token operator">/etc<span class="token operator">/crypto<span class="token operator">-policies<span class="token operator">/back<span class="token operator">-ends<span class="token operator">/opensshserver<span class="token punctuation">.config <span class="token operator">-<span class="token operator">&gt; <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/crypto<span class="token operator">-policies<span class="token operator">/<span class="token constant">DEFAULT<span class="token operator">/opensshserver<span class="token punctuation">.txt
<span class="token punctuation"><span class="token comment"># ll /usr/share/crypto-policies/DEFAULT/opensshserver.txt
<span class="token operator">-rw<span class="token operator">-r<span class="token operator">--r<span class="token operator">--<span class="token punctuation">. <span class="token number">2 root root <span class="token number">1663 <span class="token number">6月<span class="token number">24 <span class="token number">2021 <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/crypto<span class="token operator">-policies<span class="token operator">/<span class="token constant">DEFAULT<span class="token operator">/opensshserver<span class="token punctuation">.txt
<span class="token punctuation"><span class="token comment"># cat /usr/share/crypto-policies/DEFAULT/opensshserver.txt
<span class="token constant">CRYPTO_POLICY<span class="token operator">=<span class="token string">'-oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc -oMACs=hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512 -oGSSAPIKexAlgorithms=gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1- -oKexAlgorithms=curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 -oHostKeyAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com -oPubkeyAcceptedKeyTypes=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com -oCASignatureAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa'
</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code></pre>
</div>
<h5>3、编译安装zlib</h5>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-bash"><code class="language-bash">tar xzvf zlib-1.3.tar.gz
cd zlib-1.3/
./configure --prefix=/usr/local/zlib
make
make install
</code></pre>
</div>
<p>验证zlib安装是否成功，要包含include、lib、share三个目录。</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-php"><code class="language-php"><span class="token shell-comment comment"># ll /usr/local/zlib/
总用量 <span class="token number">0
drwxr<span class="token operator">-xr<span class="token operator">-x <span class="token number">2 root root <span class="token number">35 <span class="token number">9月<span class="token number">26 <span class="token number">15<span class="token punctuation">:<span class="token number">05 <span class="token keyword">include
drwxr<span class="token operator">-xr<span class="token operator">-x <span class="token number">3 root root <span class="token number">91 <span class="token number">9月<span class="token number">26 <span class="token number">15<span class="token punctuation">:<span class="token number">05 lib
drwxr<span class="token operator">-xr<span class="token operator">-x <span class="token number">3 root root <span class="token number">17 <span class="token number">9月<span class="token number">26 <span class="token number">15<span class="token punctuation">:<span class="token number">05 share
</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code></pre>
</div>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-bash"><code class="language-bash">新建并编辑配置文件：
vi /etc/ld.so.conf.d/zlib.conf
加入如下内容后保存退出
/usr/local/zlib/lib
刷新库文件，加载刚才编译安装的zlib生成的库文件
ldconfig -v
</code></pre>
</div>
<h5>4、编译安装libressl</h5>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-bash"><code class="language-bash">tar xzvf libressl-3.8.2.tar.gz
cd libressl-3.8.2/
./configure --prefix=/usr/local/libressl
make
make install
echo '/usr/local/libressl/lib' &gt; /etc/ld.so.conf.d/libressl.conf
ldconfig -v
</code></pre>
</div>
<p>如下libressl库可以被系统找到</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-bash"><code class="language-bash"># ldconfig -p|grep /usr/local/libressl
    libtls.so.25 (libc6,x86-64) =&gt; /usr/local/libressl/lib/libtls.so.25
    libtls.so (libc6,x86-64) =&gt; /usr/local/libressl/lib/libtls.so
    libssl.so.52 (libc6,x86-64) =&gt; /usr/local/libressl/lib/libssl.so.52
    libssl.so (libc6,x86-64) =&gt; /usr/local/libressl/lib/libssl.so
    libcrypto.so.49 (libc6,x86-64) =&gt; /usr/local/libressl/lib/libcrypto.so.49
    libcrypto.so (libc6,x86-64) =&gt; /usr/local/libressl/lib/libcrypto.so
</code></pre>
</div>
<p>重命名现有文件目录<br>
mv /usr/bin/openssl /usr/bin/openssl.bak<br>
创建ssl相关软连接<br>
ln -s /usr/local/libressl/bin/openssl /usr/bin/openssl<br>
ln -s /usr/local/libressl/include/openssl /usr/include/openssl<br>
编辑配置文件<br>
vi /etc/ld.so.conf.d/ssl.conf<br>
加入如下内容后保存退出<br>
/usr/local/ssl/lib<br>
刷新库文件，加载刚才编译安装的ssl生成的库文件<br>
ldconfig -v<br>
查看openssl版本<br>
openssl version -a</p>




<br>
<div class="image-package">
<div class="image-container">
<div class="image-container-fill">
<p><img src="https://img2023.cnblogs.com/blog/2730054/202312/2730054-20231225160858550-314239417.png"></p>
<p>&nbsp;</p>


</div>


</div>




</div>
<h5>5、编译安装openssh</h5>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-csharp"><code class="language-csharp">tar xzvf openssh-9.6p1.tar.gz<span class="token operator"><span class="token number"><span class="token punctuation"><span class="token punctuation">
cd openssh-9.6p1<br><span class="token operator"><span class="token number">
<span class="token punctuation">.<span class="token operator">/configure <span class="token operator">--prefix<span class="token operator">=<span class="token operator">/usr <span class="token operator">--with<span class="token operator">-zlib<span class="token operator">=<span class="token operator">/usr<span class="token operator">/local<span class="token operator">/zlib <span class="token operator">--with<span class="token operator">-ssl<span class="token operator">-dir<span class="token operator">=<span class="token operator">/usr<span class="token operator">/local<span class="token operator">/libressl
make
修改文件权限
ll <span class="token operator">/etc<span class="token operator">/ssh
总用量 <span class="token number">24
<span class="token operator">-rw<span class="token operator">-r<span class="token operator">--<span class="token operator">--<span class="token operator">-<span class="token punctuation">. <span class="token number">1 root ssh_keys<span class="token number">480 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_ecdsa_key
<span class="token operator">-rw<span class="token operator">-r<span class="token operator">--r<span class="token operator">--<span class="token punctuation">. <span class="token number">1 root root      <span class="token number">162 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_ecdsa_key<span class="token punctuation">.pub
<span class="token operator">-rw<span class="token operator">-r<span class="token operator">--<span class="token operator">--<span class="token operator">-<span class="token punctuation">. <span class="token number">1 root ssh_keys<span class="token number">387 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_ed25519_key
<span class="token operator">-rw<span class="token operator">-r<span class="token operator">--r<span class="token operator">--<span class="token punctuation">. <span class="token number">1 root root       <span class="token number">82 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_ed25519_key<span class="token punctuation">.pub
<span class="token operator">-rw<span class="token operator">-r<span class="token operator">--<span class="token operator">--<span class="token operator">-<span class="token punctuation">. <span class="token number">1 root ssh_keys <span class="token number">2578 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_rsa_key
<span class="token operator">-rw<span class="token operator">-r<span class="token operator">--r<span class="token operator">--<span class="token punctuation">. <span class="token number">1 root root      <span class="token number">554 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_rsa_key<span class="token punctuation">.pub

chmod <span class="token number">600 <span class="token operator">/etc<span class="token operator">/ssh<span class="token operator">/ssh_host_rsa_key
chmod <span class="token number">600 <span class="token operator">/etc<span class="token operator">/ssh<span class="token operator">/ssh_host_ecdsa_key
chmod <span class="token number">600 <span class="token operator">/etc<span class="token operator">/ssh<span class="token operator">/ssh_host_ed25519_key

ll <span class="token operator">/etc<span class="token operator">/ssh
总用量 <span class="token number">24
<span class="token operator">-rw<span class="token operator">--<span class="token operator">--<span class="token operator">--<span class="token operator">-<span class="token punctuation">. <span class="token number">1 root ssh_keys<span class="token number">480 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_ecdsa_key
<span class="token operator">-rw<span class="token operator">-r<span class="token operator">--r<span class="token operator">--<span class="token punctuation">. <span class="token number">1 root root      <span class="token number">162 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_ecdsa_key<span class="token punctuation">.pub
<span class="token operator">-rw<span class="token operator">--<span class="token operator">--<span class="token operator">--<span class="token operator">-<span class="token punctuation">. <span class="token number">1 root ssh_keys<span class="token number">387 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_ed25519_key
<span class="token operator">-rw<span class="token operator">-r<span class="token operator">--r<span class="token operator">--<span class="token punctuation">. <span class="token number">1 root root       <span class="token number">82 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_ed25519_key<span class="token punctuation">.pub
<span class="token operator">-rw<span class="token operator">--<span class="token operator">--<span class="token operator">--<span class="token operator">-<span class="token punctuation">. <span class="token number">1 root ssh_keys <span class="token number">2578 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_rsa_key
<span class="token operator">-rw<span class="token operator">-r<span class="token operator">--r<span class="token operator">--<span class="token punctuation">. <span class="token number">1 root root      <span class="token number">554 <span class="token number">6月<span class="token number">20 <span class="token number">17<span class="token punctuation">:<span class="token number">38 ssh_host_rsa_key<span class="token punctuation">.pub

make install

<span class="token punctuation">.<span class="token punctuation">.<span class="token punctuation">.<span class="token punctuation">.<span class="token punctuation">.<span class="token punctuation">.<span class="token punctuation">.
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 scp<span class="token punctuation">.<span class="token number">1.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man1<span class="token operator">/scp<span class="token punctuation">.<span class="token number">1
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 ssh<span class="token operator">-<span class="token keyword">add<span class="token number">.1<span class="token punctuation">.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man1<span class="token operator">/ssh<span class="token operator">-<span class="token keyword">add<span class="token number">.1
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 ssh<span class="token operator">-agent<span class="token punctuation">.<span class="token number">1.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man1<span class="token operator">/ssh<span class="token operator">-agent<span class="token punctuation">.<span class="token number">1
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 ssh<span class="token operator">-keygen<span class="token punctuation">.<span class="token number">1.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man1<span class="token operator">/ssh<span class="token operator">-keygen<span class="token punctuation">.<span class="token number">1
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 ssh<span class="token operator">-keyscan<span class="token punctuation">.<span class="token number">1.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man1<span class="token operator">/ssh<span class="token operator">-keyscan<span class="token punctuation">.<span class="token number">1
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 moduli<span class="token punctuation">.<span class="token number">5.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man5<span class="token operator">/moduli<span class="token punctuation">.<span class="token number">5
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 sshd_config<span class="token punctuation">.<span class="token number">5.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man5<span class="token operator">/sshd_config<span class="token punctuation">.<span class="token number">5
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 ssh_config<span class="token punctuation">.<span class="token number">5.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man5<span class="token operator">/ssh_config<span class="token punctuation">.<span class="token number">5
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 sshd<span class="token punctuation">.<span class="token number">8.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man8<span class="token operator">/sshd<span class="token punctuation">.<span class="token number">8
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 sftp<span class="token punctuation">.<span class="token number">1.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man1<span class="token operator">/sftp<span class="token punctuation">.<span class="token number">1
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 sftp<span class="token operator">-server<span class="token punctuation">.<span class="token number">8.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man8<span class="token operator">/sftp<span class="token operator">-server<span class="token punctuation">.<span class="token number">8
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 ssh<span class="token operator">-keysign<span class="token punctuation">.<span class="token number">8.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man8<span class="token operator">/ssh<span class="token operator">-keysign<span class="token punctuation">.<span class="token number">8
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 ssh<span class="token operator">-pkcs11<span class="token operator">-helper<span class="token punctuation">.<span class="token number">8.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man8<span class="token operator">/ssh<span class="token operator">-pkcs11<span class="token operator">-helper<span class="token punctuation">.<span class="token number">8
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/install <span class="token operator">-c <span class="token operator">-m <span class="token number">644 ssh<span class="token operator">-sk<span class="token operator">-helper<span class="token punctuation">.<span class="token number">8.<span class="token keyword">out <span class="token operator">/usr<span class="token operator">/share<span class="token operator">/man<span class="token operator">/man8<span class="token operator">/ssh<span class="token operator">-sk<span class="token operator">-helper<span class="token punctuation">.<span class="token number">8
<span class="token operator">/usr<span class="token operator">/bin<span class="token operator">/mkdir <span class="token operator">-p <span class="token operator">/usr<span class="token operator">/etc
ssh<span class="token operator">-keygen<span class="token punctuation">: generating <span class="token keyword">new host keys<span class="token punctuation">: <span class="token class-name">RSA <span class="token class-name">DSA <span class="token class-name">ECDSA ED25519
<span class="token operator">/usr<span class="token operator">/sbin<span class="token operator">/sshd <span class="token operator">-t <span class="token operator">-f<span class="token operator"><span class="token operator">/etc<span class="token operator">/sshd_config


修改配置文件<span class="token operator">/usr<span class="token operator">/etc<span class="token operator">/sshd_config，允许root直接登录<br></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code></pre>
<pre class="line-numberslanguage-csharp"><code class="language-csharp"><span class="token operator"><span class="token number"><span class="token punctuation"><span class="token punctuation"><span class="token operator"><span class="token number"><span class="token punctuation"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token punctuation"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token punctuation"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token punctuation"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token punctuation"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token punctuation"><span class="token punctuation"><span class="token punctuation"><span class="token punctuation"><span class="token punctuation"><span class="token punctuation"><span class="token punctuation"><span class="token punctuation"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token keyword"><span class="token number"><span class="token punctuation"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token keyword"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token number"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token keyword"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token number"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token punctuation"><span class="token keyword"><span class="token punctuation"><span class="token class-name"><span class="token class-name"><span class="token class-name"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator"><span class="token operator">vim /etc<span class="token operator">/sshd_config</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code></pre>
<pre class="line-numberslanguage-csharp"><code class="language-csharp">开放<span class="token number">22端口,不一定是22端口 根据实际的来开放
<span class="token preprocessor property">#Port 22
<span class="token class-name">Port <span class="token number">22

允许root登录
<span class="token class-name">PermitRootLogin yes

<span class="token preprocessor property">#HostKey /etc/ssh_host_rsa_key
<span class="token preprocessor property">#HostKey /etc/ssh_host_ecdsa_key
<span class="token preprocessor property">#HostKey /etc/ssh_host_ed25519_key
改为
HostKey <span class="token operator">/etc<span class="token operator">/ssh<span class="token operator">/ssh_host_rsa_key
HostKey <span class="token operator">/etc<span class="token operator">/ssh<span class="token operator">/ssh_host_ecdsa_key
HostKey <span class="token operator">/etc<span class="token operator">/ssh<span class="token operator">/ssh_host_ed25519_key
保存后退出</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code></pre>
</div>
<p>&nbsp;</p>
<p><img src="https://img2023.cnblogs.com/blog/2730054/202312/2730054-20231225163244381-1476306518.png"></p>
<p>&nbsp;</p>
<p><img src="https://img2023.cnblogs.com/blog/2730054/202312/2730054-20231225163253024-241582131.png"></p>
<p>&nbsp;</p>
<p><img src="https://img2023.cnblogs.com/blog/2730054/202312/2730054-20231225163258591-1541979637.png"></p>
<p>&nbsp;</p>
<p>ssh服务必须开机自启动，因此要进行一些设置<br>
如果是centos7就需要先备份就的service<br>
mv/usr/lib/systemd/system/sshd.service/usr/lib/systemd/system/sshd.serviceold<br>
AnolisOS 8系统则可以直接新建<br>
新建配置文件/etc/sysconfig/sshd</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-bash"><code class="language-bash">vim /etc/sysconfig/sshd
填写如下内容

# Configuration file for the sshd service.

# The server keys are automatically generated if they are missing.
# To change the automatic creation uncomment and change the appropriate
# line. Accepted key types are: DSA RSA ECDSA ED25519.
# The default is "RSA ECDSA ED25519"

# AUTOCREATE_SERVER_KEYS=""
# AUTOCREATE_SERVER_KEYS="RSA ECDSA ED25519"

# Do not change this option unless you have hardware random
# generator and you REALLY know what you are doing

SSH_USE_STRONG_RNG=0
# SSH_USE_STRONG_RNG=1
</code></pre>
</div>
<p>保存后退出</p>
<p>新建sshd.service</p>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-csharp"><code class="language-csharp">vim <span class="token operator">/usr<span class="token operator">/lib<span class="token operator">/systemd<span class="token operator">/system<span class="token operator">/sshd<span class="token punctuation">.service
<span class="token punctuation">[<span class="token class-name">Unit<span class="token punctuation">]
Description<span class="token operator">=<span class="token class-name">OpenSSH <span class="token number">9 server daemon
Documentation<span class="token operator">=man<span class="token punctuation">:<span class="token function">sshd<span class="token punctuation">(<span class="token number">8<span class="token punctuation">) man<span class="token punctuation">:<span class="token function">sshd_config<span class="token punctuation">(<span class="token number">5<span class="token punctuation">)
After<span class="token operator">=network<span class="token punctuation">.target sshd<span class="token operator">-keygen<span class="token punctuation">.service
Wants<span class="token operator">=sshd<span class="token operator">-keygen<span class="token punctuation">.service

<span class="token punctuation">[<span class="token class-name">Service<span class="token punctuation">]
Type<span class="token operator">=simple
EnvironmentFile<span class="token operator">=<span class="token operator">/etc<span class="token operator">/sysconfig<span class="token operator">/sshd
ExecStart<span class="token operator">=<span class="token operator">/usr<span class="token operator">/sbin<span class="token operator">/sshd <span class="token operator">-D $<span class="token class-name">OPTIONS
ExecReload<span class="token operator">=<span class="token operator">/bin<span class="token operator">/kill <span class="token operator">-HUP $<span class="token class-name">MAINPID
KillMode<span class="token operator">=process
Restart<span class="token operator">=on<span class="token operator">-failure
RestartSec<span class="token operator">=<span class="token number">42s

<span class="token punctuation">[<span class="token class-name">Install<span class="token punctuation">]
WantedBy<span class="token operator">=multi<span class="token operator">-user<span class="token punctuation">.target　
</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code></pre>
</div>
<div class="_2Uzcx_"><button class="VJbwyy" type="button"></button>
<pre class="line-numberslanguage-jsx"><code class="language-jsx">systemctl daemon<span class="token operator">-reload
启动sshd服务
systemctl start sshd
设置开机自动启动
systemctl enable sshd<span class="token punctuation">.service
查看sshd服务状态
systemctl status sshd <span class="token operator">-l<br><br>#启动 <br>systemctl start sshd.service <br>#查看状态 <br>systemctl status sshd.service <br>增加开机自启 : <br>systemctl enable sshd.service



● sshd<span class="token punctuation">.service <span class="token operator">- OpenSSH <span class="token number">9 server daemon
   Loaded<span class="token punctuation">: <span class="token function">loaded <span class="token punctuation">(<span class="token operator">/usr<span class="token operator">/lib<span class="token operator">/systemd<span class="token operator">/system<span class="token operator">/sshd<span class="token punctuation">.service<span class="token punctuation">; disabled<span class="token punctuation">; vendor preset<span class="token punctuation">: enabled<span class="token punctuation">)
   Active<span class="token punctuation">: <span class="token function">active <span class="token punctuation">(running<span class="token punctuation">) since Mon <span class="token number">2022<span class="token operator">-<span class="token number">09<span class="token operator">-<span class="token number">26 <span class="token number">16<span class="token punctuation">:<span class="token number">34<span class="token punctuation">:<span class="token number">09 <span class="token constant">CST<span class="token punctuation">; <span class="token number">4s ago
   Docs<span class="token punctuation">: man<span class="token punctuation">:<span class="token function">sshd<span class="token punctuation">(<span class="token number">8<span class="token punctuation">)
         man<span class="token punctuation">:<span class="token function">sshd_config<span class="token punctuation">(<span class="token number">5<span class="token punctuation">)
Main <span class="token constant">PID<span class="token punctuation">: <span class="token number">68932 <span class="token punctuation">(sshd<span class="token punctuation">)
    Tasks<span class="token punctuation">: <span class="token number">1 <span class="token punctuation">(limit<span class="token punctuation">: <span class="token number">23576<span class="token punctuation">)
   Memory<span class="token punctuation">: <span class="token number">764.0K
   CGroup<span class="token punctuation">: <span class="token operator">/system<span class="token punctuation">.slice<span class="token operator">/sshd<span class="token punctuation">.service
         └─<span class="token number">68932 sshd<span class="token punctuation">: <span class="token operator">/usr<span class="token operator">/sbin<span class="token operator">/sshd <span class="token operator">-<span class="token constant">D <span class="token punctuation"> <span class="token number">0 <span class="token keyword">of <span class="token number">10<span class="token operator">-<span class="token number">100 startups

<span class="token number">9月 <span class="token number">26 <span class="token number">16<span class="token punctuation">:<span class="token number">34<span class="token punctuation">:<span class="token number">09 anolis systemd<span class="token punctuation">[<span class="token number">1<span class="token punctuation">]<span class="token punctuation">: Started OpenSSH <span class="token number">9 server daemon<span class="token punctuation">.
<span class="token number">9月 <span class="token number">26 <span class="token number">16<span class="token punctuation">:<span class="token number">34<span class="token punctuation">:<span class="token number">09 anolis sshd<span class="token punctuation">[<span class="token number">68932<span class="token punctuation">]<span class="token punctuation">: Server listening on <span class="token number">0.0<span class="token number">.0<span class="token number">.0 port <span class="token number">22.
<span class="token number">9月 <span class="token number">26 <span class="token number">16<span class="token punctuation">:<span class="token number">34<span class="token punctuation">:<span class="token number">09 anolis sshd<span class="token punctuation">[<span class="token number">68932<span class="token punctuation">]<span class="token punctuation">: Server listening on <span class="token punctuation">:<span class="token punctuation">: port <span class="token number">22.

验证ssh版本
ssh <span class="token operator">-<span class="token constant">V</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></code></pre>
</div>
</div>
</div>
</div><br><br>
来源：https://www.cnblogs.com/wjsqqj/p/17925907.html

查看完整版本: CentOS openssh 升级教程