centos6.5 离线升级openssh7.7
2024-05-13 04:23:29
centos6.5 离线升级openssh7.7
测试环境需要联网准备离线升级的安装包
使用环境:centos6.5 数据迁移到centos 9
openssh 版本太低导致6.5无法ssh到9上面。
1.注意网关
route -n
route add default gw 192.168.11.2
2.注意dns
vim /etc/resolv.conf
nameserver 114.114.114.114
重启网络命令: service network restart
重启ssh命令:service sshd restart
3.注意下载源
这里使用阿里源
地址:https://developer.aliyun.com/mirror/
地址:https://developer.aliyun.com/mirror/centos?spm=a2c6h.13651102.0.0.3e221b11DPaMrO
centos6(centos6官方源已下线,建议切换centos-vault源)
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-6.10.repo
运行 yum makecache 生成缓存
yum makecache
4.下载
yum install yum-plugin-downloadonly 参数说明:
--downloadonly 仅下载依赖包不安装--downloaddir 下载的依赖包保存的文件位置
示例:yum install --downloadonly --downloaddir=/opt/rpm/gcc/ gcc -y
5.开始操作
cd /opt1:下载openssh7.7
wget https://mirrors.sonic.net/pub/OpenBSD/OpenSSH/portable/openssh-7.7p1.tar.gz2备份ssh配置
mkdir /bak && mv /etc/ssh /bak/ssh.bak解压 tar -zxf openssh-7.7p1.tar.gz
cd openssh-7.7p1
[root@localhost openssh-7.7p1]# ./configure --prefix=/usr --sysconfdir=/etc/ssh
checking for gcc... no
checking for cc... no
checking for cl.exe... no
configure: error: in `/opt/openssh-7.7p1':
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details
6.安装gcc
mkdir /opt/rpm/gcc -p
yum install --downloadonly --downloaddir=/opt/rpm/gcc/ gcc -y
只是下载包 不安装
cd /opt/rpm/gcc
rpm安装:rpm -ivh ./* --nodeps --force[root@localhost gcc]# pwd
/opt/rpm/gcc
[root@localhost gcc]# ls
cloog-ppl-0.15.7-1.2.el6.x86_64.rpm libgomp-4.4.7-23.el6.x86_64.rpm
cpp-4.4.7-23.el6.x86_64.rpm mpfr-2.4.1-6.el6.x86_64.rpm
gcc-4.4.7-23.el6.x86_64.rpm ppl-0.10.2-11.el6.x86_64.rpm
libgcc-4.4.7-23.el6.x86_64.rpm
[root@localhost gcc]# rpm -ivh ./* --nodeps --force
Preparing... ########################################### [100%]1:libgcc ########################################### [ 14%]2:ppl ########################################### [ 29%]3:cloog-ppl ########################################### [ 43%]4:mpfr ########################################### [ 57%]5:cpp ########################################### [ 71%]6:libgomp ########################################### [ 86%]7:gcc ########################################### [100%]
[root@localhost gcc]#gcc -v
使用内建 specs。
目标:x86_64-redhat-linux
配置为:../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-bootstrap --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk --disable-dssi --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-1.5.0.0/jre --enable-libgcj-multifile --enable-java-maintainer-mode --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --disable-libjava-multilib --with-ppl --with-cloog --with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux
线程模型:posix
gcc 版本 4.4.7 20120313 (Red Hat 4.4.7-23) (GCC)7.继续编译openssh
./configure --prefix=/usr --sysconfdir=/etc/sshchecking zlib.h usability... no
checking zlib.h presence... no
checking for zlib.h... no
configure: error: *** zlib.h missing - please install first or check config.log ***
[root@localhost openssh-7.7p1]#8.安装 zlib
#yum install -y zlib-devel
mkdir /opt/rpm/zlib-devel
yum install -y --downloadonly --downloaddir=/opt/rpm/zlib-devel zlib-devel[root@localhost rpm]# ls
gcc zlib-devel-1.2.3-29.el6.x86_64.rpm
[root@localhost rpm]# rpm -ivh zlib-devel-1.2.3-29.el6.x86_64.rpm
Preparing... ########################################### [100%]1:zlib-devel ########################################### [100%]
[root@localhost rpm]#9.继续编译openssh
./configure --prefix=/usr --sysconfdir=/etc/sshchecking openssl/opensslv.h usability... no
checking openssl/opensslv.h presence... no
checking for openssl/opensslv.h... no
configure: error: *** OpenSSL headers missing - please install first or check config.log ***
[root@localhost openssh-7.7p1]#10.安装openssl-devel
# yum -y install openssl-devel
mkdir /opt/rpm/openssl-devl
yum install -y --downloadonly --downloaddir=/opt/rpm/openssl-devel openssl-devel[root@localhost openssl-devel]# pwd
/opt/rpm/openssl-devel
[root@localhost openssl-devel]# ls
e2fsprogs-1.41.12-24.el6.x86_64.rpm krb5-workstation-1.10.3-65.el6.x86_64.rpm libselinux-utils-2.0.94-7.el6.x86_64.rpm
e2fsprogs-libs-1.41.12-24.el6.x86_64.rpm libcom_err-1.41.12-24.el6.x86_64.rpm libsepol-devel-2.0.41-4.el6.x86_64.rpm
keyutils-1.4-5.el6.x86_64.rpm libcom_err-devel-1.41.12-24.el6.x86_64.rpm libss-1.41.12-24.el6.x86_64.rpm
keyutils-libs-1.4-5.el6.x86_64.rpm libkadm5-1.10.3-65.el6.x86_64.rpm openssl-1.0.1e-58.el6_10.x86_64.rpm
keyutils-libs-devel-1.4-5.el6.x86_64.rpm libselinux-2.0.94-7.el6.x86_64.rpm openssl-devel-1.0.1e-58.el6_10.x86_64.rpm
krb5-devel-1.10.3-65.el6.x86_64.rpm libselinux-devel-2.0.94-7.el6.x86_64.rpm
krb5-libs-1.10.3-65.el6.x86_64.rpm libselinux-python-2.0.94-7.el6.x86_64.rpm
[root@localhost openssl-devel]# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
[root@localhost openssl-devel]# rpm -ivh ./* --nodeps --force
Preparing... ########################################### [100%]1:libcom_err ########################################### [ 5%]2:libselinux ########################################### [ 11%]3:keyutils-libs ########################################### [ 16%]4:krb5-libs ########################################### [ 21%]5:libkadm5 ########################################### [ 26%]6:libss ########################################### [ 32%]7:openssl ########################################### [ 37%]8:keyutils-libs-devel ########################################### [ 42%]9:e2fsprogs-libs ########################################### [ 47%]10:libcom_err-devel ########################################### [ 53%]11:libsepol-devel ########################################### [ 58%]12:libselinux-devel ########################################### [ 63%]13:krb5-devel ########################################### [ 68%]14:openssl-devel ########################################### [ 74%]15:e2fsprogs ########################################### [ 79%]16:krb5-workstation ########################################### [ 84%]17:keyutils ########################################### [ 89%]18:libselinux-python ########################################### [ 95%]19:libselinux-utils ########################################### [100%]11.继续编译openssh
[root@localhost openssh-7.7p1]# pwd
/opt/openssh-7.7p1
[root@localhost openssh-7.7p1]# ./configure --prefix=/usr --sysconfdir=/etc/sshOpenSSH has been configured with the following options:User binaries: /usr/binSystem binaries: /usr/sbinConfiguration files: /etc/sshAskpass program: /usr/libexec/ssh-askpassManual pages: /usr/share/man/manXPID file: /var/runPrivilege separation chroot path: /var/emptysshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbinManpage format: docPAM support: noOSF SIA support: noKerberosV support: noSELinux support: noS/KEY support: noMD5 password support: nolibedit support: nolibldns support: noSolaris process contract support: noSolaris project support: noSolaris privilege support: noIP address in $DISPLAY hack: noTranslate v4 in v6 hack: yesBSD Auth support: noRandom number source: OpenSSL internal ONLYPrivsep sandbox style: rlimitHost: x86_64-pc-linux-gnuCompiler: gccCompiler flags: -g -O2 -pipe -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -fno-strict-aliasing -mfunction-return=thunk -mindirect-branch=thunk -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-all -fPIE
Preprocessor flags: -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCELinker flags: -Wl,-z,retpolineplt -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-all -pieLibraries: -lcrypto -lrt -ldl -lutil -lz -lcrypt -lresolv[root@localhost openssh-7.7p1]#make12.需要测试:
make完成后先不要make install,先卸载旧版的openssh
rpm -e --nodeps `rpm -qa | grep openssh`[root@localhost openssh-7.7p1]# rpm -e --nodeps `rpm -qa | grep openssh`
[root@localhost openssh-7.7p1]#完成后执行make install:# make install[root@localhost openssh-7.7p1]# make install
(cd openbsd-compat && make)
make[1]: Entering directory `/opt/openssh-7.7p1/openbsd-compat'
make[1]: Nothing to be done for `all'.
make[1]: Leaving directory `/opt/openssh-7.7p1/openbsd-compat'
/bin/mkdir -p /usr/bin
/bin/mkdir -p /usr/sbin
/bin/mkdir -p /usr/share/man/man1
/bin/mkdir -p /usr/share/man/man5
/bin/mkdir -p /usr/share/man/man8
/bin/mkdir -p /usr/libexec
/bin/mkdir -p -m 0755 /var/empty
/usr/bin/install -c -m 0755 -s ssh /usr/bin/ssh
/usr/bin/install -c -m 0755 -s scp /usr/bin/scp
/usr/bin/install -c -m 0755 -s ssh-add /usr/bin/ssh-add
/usr/bin/install -c -m 0755 -s ssh-agent /usr/bin/ssh-agent
/usr/bin/install -c -m 0755 -s ssh-keygen /usr/bin/ssh-keygen
/usr/bin/install -c -m 0755 -s ssh-keyscan /usr/bin/ssh-keyscan
/usr/bin/install -c -m 0755 -s sshd /usr/sbin/sshd
/usr/bin/install -c -m 4711 -s ssh-keysign /usr/libexec/ssh-keysign
/usr/bin/install -c -m 0755 -s ssh-pkcs11-helper /usr/libexec/ssh-pkcs11-helper
/usr/bin/install -c -m 0755 -s sftp /usr/bin/sftp
/usr/bin/install -c -m 0755 -s sftp-server /usr/libexec/sftp-server
/usr/bin/install -c -m 644 ssh.1.out /usr/share/man/man1/ssh.1
/usr/bin/install -c -m 644 scp.1.out /usr/share/man/man1/scp.1
/usr/bin/install -c -m 644 ssh-add.1.out /usr/share/man/man1/ssh-add.1
/usr/bin/install -c -m 644 ssh-agent.1.out /usr/share/man/man1/ssh-agent.1
/usr/bin/install -c -m 644 ssh-keygen.1.out /usr/share/man/man1/ssh-keygen.1
/usr/bin/install -c -m 644 ssh-keyscan.1.out /usr/share/man/man1/ssh-keyscan.1
/usr/bin/install -c -m 644 moduli.5.out /usr/share/man/man5/moduli.5
/usr/bin/install -c -m 644 sshd_config.5.out /usr/share/man/man5/sshd_config.5
/usr/bin/install -c -m 644 ssh_config.5.out /usr/share/man/man5/ssh_config.5
/usr/bin/install -c -m 644 sshd.8.out /usr/share/man/man8/sshd.8
/usr/bin/install -c -m 644 sftp.1.out /usr/share/man/man1/sftp.1
/usr/bin/install -c -m 644 sftp-server.8.out /usr/share/man/man8/sftp-server.8
/usr/bin/install -c -m 644 ssh-keysign.8.out /usr/share/man/man8/ssh-keysign.8
/usr/bin/install -c -m 644 ssh-pkcs11-helper.8.out /usr/share/man/man8/ssh-pkcs11-helper.8
/bin/mkdir -p /etc/ssh
ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519
/usr/sbin/sshd -t -f /etc/ssh/sshd_config
[root@localhost openssh-7.7p1]#查看下安装结果:# ssh -V
[root@localhost openssh-7.7p1]# ssh -V
OpenSSH_7.7p1, OpenSSL 1.0.1e-fips 11 Feb 2013
[root@localhost openssh-7.7p1]#至此编译安装完成。
13.注意
重启会导致ssh链接断开,会连不上去,如果是远程的话,先安装一个telnet 或者去控制台 执行重启sshd 防止连不上。执行两遍。
配置sshd服务
复制启动文件到/etc/init.d/下并命名为sshd,加入开机启动# cp contrib/redhat/sshd.init /etc/init.d/sshd
# chkconfig --add sshd
允许root使用ssh:openssh7.5默认root用户是不能用ssh远程登录的,需要修改配置文件:# vim /etc/ssh/sshd_config
找到#PermitRootLogin prohibit-password项,去掉注释并把prohibit-password改为yesPermitRootLogin yes
重启ssh服务:
# service sshd restart
至此升级/安装完成。##########################################################################################
注意 重启会导致ssh链接断开,会连不上去,如果是远程的话,先安装一个telnet 或者去控制台 执行重启sshd 防止连不上。centos6.5 ssh到centos stream 9 成功[root@localhost ~]# ssh root@192.168.11.11
The authenticity of host '192.168.11.11 (192.168.11.11)' can't be established.
ECDSA key fingerprint is SHA256:a6qV5aaT+vW2/fsNOGXZE6wJfxn3fbrGMC4/ZdwTYls.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.11.11' (ECDSA) to the list of known hosts.
root@192.168.11.11's password:
Activate the web console with: systemctl enable --now cockpit.socketLast login: Thu Jul 21 21:40:50 2022 from 192.168.11.1
[root@c9 ~]# cat /etc/redhat-release
CentOS Stream release 9
[root@c9 ~]# exit
注销
Connection to 192.168.11.11 closed.
[root@localhost ~]# cat /etc/redhat-release
CentOS release 6.5 (Final)14.参考操作:https://www.cnblogs.com/52py/p/10929745.html
2.测试离线升级
1.打包软件:
[root@localhost ~]# cd /opt/ && ls
openssh-7.7p1 openssh-7.7p1.tar.gz resolv.conf rpm
[root@localhost opt]# mv openssh-7.7p1.tar.gz rpm/
[root@localhost opt]# ls rpm/
gcc openssh-7.7p1.tar.gz openssl-devel zlib-devel
[root@localhost opt]# tar -cvzf rpm.tar.gz rpm && ls
openssh-7.7p1 resolv.conf rpm rpm.tar.gz
[root@localhost opt]# scp rpm.tar.gz root@192.168.11.17:/tmp/下面我登陆到 192.168.11.17这台centos6.5系统的机器[root@c9 ~]# cat /etc/redhat-release
CentOS Stream release 9
[root@c9 ~]# hostname -I
192.168.11.11[root@localhost ~]# ssh root@192.168.11.11
no hostkey alg[root@localhost ~]# hostname -I && cat /etc/redhat-release && ssh -V && ls /tmp/*.gz && mkdir /bak/ && mv /etc/ssh /bak/ssh.bak && tar -zxf /tmp/rpm.tar.gz -C /opt/ && cd /opt/rpm/ && ls
192.168.11.17
CentOS release 6.5 (Final)
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
/tmp/rpm.tar.gz
gcc openssh-7.7p1.tar.gz openssl-devel zlib-devel
2.安装gcc zlib-devel openssl-devel
[root@localhost rpm]# rpm -ivh gcc/* zlib-devel/* openssl-devel/* --nodeps --force
Preparing... ########################################### [100%]1:libcom_err ########################################### [ 4%]2:libselinux ########################################### [ 7%]3:keyutils-libs ########################################### [ 11%]4:krb5-libs ########################################### [ 15%]5:libkadm5 ########################################### [ 19%]6:libss ########################################### [ 22%]7:libgcc ########################################### [ 26%]8:ppl ########################################### [ 30%]9:cloog-ppl ########################################### [ 33%]10:openssl ########################################### [ 37%]11:keyutils-libs-devel ########################################### [ 41%]12:e2fsprogs-libs ########################################### [ 44%]13:libcom_err-devel ########################################### [ 48%]14:libsepol-devel ########################################### [ 52%]15:libselinux-devel ########################################### [ 56%]16:krb5-devel ########################################### [ 59%]17:zlib-devel ########################################### [ 63%]18:mpfr ########################################### [ 67%]19:cpp ########################################### [ 70%]20:libgomp ########################################### [ 74%]21:gcc ########################################### [ 78%]22:openssl-devel ########################################### [ 81%]23:e2fsprogs ########################################### [ 85%]24:krb5-workstation ########################################### [ 89%]25:keyutils ########################################### [ 93%]26:libselinux-python ########################################### [ 96%]27:libselinux-utils ########################################### [100%]
[root@localhost rpm]# gcc -v
使用内建 specs。
目标:x86_64-redhat-linux
配置为:../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-bootstrap --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk --disable-dssi --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-1.5.0.0/jre --enable-libgcj-multifile --enable-java-maintainer-mode --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --disable-libjava-multilib --with-ppl --with-cloog --with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux
线程模型:posix
gcc 版本 4.4.7 20120313 (Red Hat 4.4.7-23) (GCC)
[root@localhost rpm]#3.编译openssh7.7
[root@localhost rpm]# tar -zxf openssh-7.7p1.tar.gz && ls
gcc openssh-7.7p1 openssh-7.7p1.tar.gz openssl-devel zlib-devel
[root@localhost rpm]# cd openssh-7.7p1
[root@localhost openssh-7.7p1]# ./configure --prefix=/usr --sysconfdir=/etc/sshconfig.status: creating survey.sh
config.status: creating config.hOpenSSH has been configured with the following options:User binaries: /usr/binSystem binaries: /usr/sbinConfiguration files: /etc/sshAskpass program: /usr/libexec/ssh-askpassManual pages: /usr/share/man/manXPID file: /var/runPrivilege separation chroot path: /var/emptysshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbinManpage format: docPAM support: noOSF SIA support: noKerberosV support: noSELinux support: noS/KEY support: noMD5 password support: nolibedit support: nolibldns support: noSolaris process contract support: noSolaris project support: noSolaris privilege support: noIP address in $DISPLAY hack: noTranslate v4 in v6 hack: yesBSD Auth support: noRandom number source: OpenSSL internal ONLYPrivsep sandbox style: rlimitHost: x86_64-pc-linux-gnuCompiler: gccCompiler flags: -g -O2 -pipe -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -fno-strict-aliasing -mfunction-return=thunk -mindirect-branch=thunk -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-all -fPIE
Preprocessor flags: -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCELinker flags: -Wl,-z,retpolineplt -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-all -pieLibraries: -lcrypto -lrt -ldl -lutil -lz -lcrypt -lresolv[root@localhost openssh-7.7p1]#4.make完成后先不要make install,先卸载旧版的openssh
[root@localhost openssh-7.7p1]# makerpm -e --nodeps `rpm -qa | grep openssh`完成后执行make install:# make install
查看下安装结果:# ssh -V
至此编译安装完成。[root@localhost openssh-7.7p1]# rpm -e --nodeps `rpm -qa | grep openssh`
[root@localhost openssh-7.7p1]# make install
(cd openbsd-compat && make)
make[1]: Entering directory `/opt/rpm/openssh-7.7p1/openbsd-compat'
make[1]: Nothing to be done for `all'.
make[1]: Leaving directory `/opt/rpm/openssh-7.7p1/openbsd-compat'
/bin/mkdir -p /usr/bin
/bin/mkdir -p /usr/sbin
/bin/mkdir -p /usr/share/man/man1
/bin/mkdir -p /usr/share/man/man5
/bin/mkdir -p /usr/share/man/man8
/bin/mkdir -p /usr/libexec
/bin/mkdir -p -m 0755 /var/empty
/usr/bin/install -c -m 0755 -s ssh /usr/bin/ssh
/usr/bin/install -c -m 0755 -s scp /usr/bin/scp
/usr/bin/install -c -m 0755 -s ssh-add /usr/bin/ssh-add
/usr/bin/install -c -m 0755 -s ssh-agent /usr/bin/ssh-agent
/usr/bin/install -c -m 0755 -s ssh-keygen /usr/bin/ssh-keygen
/usr/bin/install -c -m 0755 -s ssh-keyscan /usr/bin/ssh-keyscan
/usr/bin/install -c -m 0755 -s sshd /usr/sbin/sshd
/usr/bin/install -c -m 4711 -s ssh-keysign /usr/libexec/ssh-keysign
/usr/bin/install -c -m 0755 -s ssh-pkcs11-helper /usr/libexec/ssh-pkcs11-helper
/usr/bin/install -c -m 0755 -s sftp /usr/bin/sftp
/usr/bin/install -c -m 0755 -s sftp-server /usr/libexec/sftp-server
/usr/bin/install -c -m 644 ssh.1.out /usr/share/man/man1/ssh.1
/usr/bin/install -c -m 644 scp.1.out /usr/share/man/man1/scp.1
/usr/bin/install -c -m 644 ssh-add.1.out /usr/share/man/man1/ssh-add.1
/usr/bin/install -c -m 644 ssh-agent.1.out /usr/share/man/man1/ssh-agent.1
/usr/bin/install -c -m 644 ssh-keygen.1.out /usr/share/man/man1/ssh-keygen.1
/usr/bin/install -c -m 644 ssh-keyscan.1.out /usr/share/man/man1/ssh-keyscan.1
/usr/bin/install -c -m 644 moduli.5.out /usr/share/man/man5/moduli.5
/usr/bin/install -c -m 644 sshd_config.5.out /usr/share/man/man5/sshd_config.5
/usr/bin/install -c -m 644 ssh_config.5.out /usr/share/man/man5/ssh_config.5
/usr/bin/install -c -m 644 sshd.8.out /usr/share/man/man8/sshd.8
/usr/bin/install -c -m 644 sftp.1.out /usr/share/man/man1/sftp.1
/usr/bin/install -c -m 644 sftp-server.8.out /usr/share/man/man8/sftp-server.8
/usr/bin/install -c -m 644 ssh-keysign.8.out /usr/share/man/man8/ssh-keysign.8
/usr/bin/install -c -m 644 ssh-pkcs11-helper.8.out /usr/share/man/man8/ssh-pkcs11-helper.8
/bin/mkdir -p /etc/ssh
ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519
/usr/sbin/sshd -t -f /etc/ssh/sshd_config
[root@localhost openssh-7.7p1]# ssh -V
OpenSSH_7.7p1, OpenSSL 1.0.1e-fips 11 Feb 2013
[root@localhost openssh-7.7p1]#
l5.注意
重启会导致ssh链接断开,会连不上去,如果是远程的话,先安装一个telnet 或者去控制台 执行重启sshd 防止连不上。
配置sshd服务
复制启动文件到/etc/init.d/下并命名为sshd,加入开机启动# cp contrib/redhat/sshd.init /etc/init.d/sshd
# chkconfig --add sshd
允许root使用ssh:openssh7.5默认root用户是不能用ssh远程登录的,需要修改配置文件:# vim /etc/ssh/sshd_config
找到#PermitRootLogin prohibit-password项,去掉注释并把prohibit-password改为yesPermitRootLogin yes
重启ssh服务:
# service sshd restart
至此升级/安装完成。##########################################################################################
注意 重启会导致ssh链接断开,会连不上去,如果是远程的话,先安装一个telnet 或者去控制台 执行重启sshd 防止连不上。centos6.5 ssh到centos stream 9 成功[root@localhost ~]# ssh root@192.168.11.11
The authenticity of host '192.168.11.11 (192.168.11.11)' can't be established.
ECDSA key fingerprint is SHA256:a6qV5aaT+vW2/fsNOGXZE6wJfxn3fbrGMC4/ZdwTYls.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.11.11' (ECDSA) to the list of known hosts.
root@192.168.11.11's password:
Activate the web console with: systemctl enable --now cockpit.socketLast login: Thu Jul 21 21:40:50 2022 from 192.168.11.1
[root@c9 ~]# cat /etc/redhat-release
CentOS Stream release 9
[root@c9 ~]# exit
注销
Connection to 192.168.11.11 closed.
[root@localhost ~]# cat /etc/redhat-release
CentOS release 6.5 (Final).
3.离线步骤
首先要有包 确定操作系统版本 是i386还是X86的避免下错rpm包1.查看内核版本
uname -a
2.查看操作系统版本号]
lsb_release -a
cat /etc/redhat-release1.
[root@localhost ~]# hostname -I && cat /etc/redhat-release && ssh -V && ls /tmp/*.gz && mkdir /bak/ && mv /etc/ssh /bak/ssh.bak && tar -zxf /tmp/rpm.tar.gz -C /opt/ && cd /opt/rpm/ && ls命令详解:查看本机IP && 查看发行版名称和版本号 && 查看ssh版本 && 查看/tmp目录传过来的.gz包 && 创建备份文件夹 && 移动/etc/ssh 到/bak/并命名为ssh.bak && 解压包到/opt/目录下 && 切换到 /opt/rpm目录下 && 查看目录下文件2.安装gcc zlib-devel openssl-deve
[root@localhost rpm]# rpm -ivh gcc/* zlib-devel/* openssl-devel/* --nodeps --force3.检查gcc信息root@localhost rpm]# gcc -v4.解压openssh-7.7p1.tar.gz[root@localhost rpm]# tar -zxf openssh-7.7p1.tar.gz && ls
gcc openssh-7.7p1.tar.gz openssl-devel zlib-devel5.编译
[root@localhost rpm]# cd openssh-7.7p1
[root@localhost openssh-7.7p1]# ./configure --prefix=/usr --sysconfdir=/etc/ssh6.make
[root@localhost openssh-7.7p1]# make7.卸载旧版openssh
[root@localhost openssh-7.7p1]# rpm -e --nodeps `rpm -qa | grep openssh`8.mkae install
[root@localhost openssh-7.7p1]# make install9.查看ssh版本
[root@localhost openssh-7.7p1]# ssh -V
OpenSSH_7.7p1, OpenSSL 1.0.1e-fips 11 Feb 201310.配置sshd服务 复制启动文件到/etc/init.d/下并命名为sshd,加入开机启动
[root@localhost openssh-7.7p1]# cp contrib/redhat/sshd.init /etc/init.d/sshd
[root@localhost openssh-7.7p1]# chkconfig --add sshd11.允许root使用ssh
[root@localhost openssh-7.7p1]# vim /etc/ssh/sshd_config
PermitRootLogin yes12.重启ssh服务
注意 重启会导致ssh链接断开,会连不上去,如果是远程的话,先安装一个telnet 或者去控制台 执行重启sshd 防止连不上。执行两遍。
[root@localhost openssh-7.7p1]# service sshd restart
centos6.5 离线升级openssh7.7相关推荐
- linux升级ssh到6.6版本,CentOS6.5 openssh升级到openssh-7.6版本
CentOS6.5 openssh升级到openssh-7.6版本 2018-8-3 foooy 升级前保证故障后能现场处理,或者远程卡处理,否则不要这样直接升级 yum install -y gcc ...
- CentOS6离线升级CentOS7
'利用本地centos7镜像升级centos6.7' 需求背景: 服务器上安装的都是centos6.7,新部署的服务需要在centos7下,要么跑到机房重装系统,要么找离线解决方案,升级系统. 解决方 ...
- openSSH离线升级(6.6->7.9),解决Linux安全漏洞(CVE-2018-15473)
链接:https://pan.baidu.com/s/1HjAbNBcRdBOL1hUL-dgoyA 提取码:d0q6 linux ssh6.6离线升级为7.4 1.随便找个文件夹把sshUpdate ...
- CentOS6.X内核升级
yum安装编译内核 升级前环境: [root@localhost ~]# uname -a Linux localhost.localdomain 3.10.0-514.el7.x86_64 #1 S ...
- centos7 离线升级/在线升级操作系统内核
镜像下载.域名解析.时间同步请点击 阿里云开源镜像站 一.前言 CentOS(Community ENTerprise Operating System)是Linux发行版之一,它是来自于Red Ha ...
- ubuntu 10.10离线升级到11.04
ubuntu11.04发布不久,已安装ubuntu10.10的用户,如果联网不太方便,或者网速不好的话,可以选择下载11.04的DVD版本,然后重装ubuntu系统,如果希望直接升级,保留已安装的软件 ...
- OpenResty介绍和CentOS6.5离线安装Openresty详细步骤
Lua介绍 Lua 是一个小巧的脚本语言.它是巴西里约热内卢天主教大学(Pontifical Catholic University of Rio de Janeiro)里的一个由Roberto Ie ...
- 【vim离线升级---vim 缓冲区错误漏洞】
[vim离线升级---vim 缓冲区错误漏洞]
- Centos6.5 glibc 升级
libnuma.so.1共享库安装 yum install libnuma* http://blog.itpub.net/8183550/viewspace-1820856/ 运行以下命令检查动态库c ...
最新文章
- 秒懂QPS、TPS、PV、UV、GMV、IP、RPS!
- 小程序无限层级路由方案
- Linux根文件系统的文件镜像,构建小型Linux根文件系统镜像
- 20162313苑洪铭 第二周作业
- java前言之计算机常识
- 最大搜索二叉子树大小(树形dp)
- Filebeat配置module采集nginx日志
- python wand安装_Python Wand posterize()用法及代码示例
- JAVA线程间协作:wait.notify.notifyAll
- ACNet论文阅读笔记
- 双十一变身大型奥数竞赛现场?数学不好的你请转场
- 第九篇:Spring Boot整合Spring Data JPA_入门试炼05
- C#实现Singleton (转载)
- android 印度语_为什么发展印度语维基百科至关重要
- java反编译的语句_Java开发网 - 请教,java反编译的问题
- php开源bi,Poli 简单易用的开源 BI 软件使用教程
- 高分二号影像数据预处理及裁剪过程
- 嫌自己不够佛系?智能佛珠了解一下
- 为什么闹钟设置了却不响_手机闹钟不响是怎么回事 怎么设置闹钟【图文】
- java 数据内地地址_我国大陆居民×××Java验证