运维开发网

centos 6.5 升级安装openssh7.5

运维开发网 https://www.qedev.com 2020-04-09 14:20 出处:网络 作者:运维开发网整理
1、准备:    安装必须的包:yum install zlib zlib-devel openssl-devel pam-devel pam-krb5 krb5-devel   krb5-libs pam-devel    下载:wget https://mirror.esc7.net/p

1、准备:

    安装必须的包:yum install zlib zlib-devel openssl-devel pam-devel pam-krb5 krb5-devel   krb5-libs pam-devel

    下载:wget https://mirror.esc7.net/pub/OpenBSD/OpenSSH/portable/openssh-7.5p1.tar.gz

    

2、安装:

    tar zxf openssh-7.5p1.tar.gz

    cd openssh-7.5p1

          ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-ssl-dir=/usr --with-md5-passwords --mandir=/usr/share/man --with-kerberos5=/usr/lib64/libkrb5.so(防止出现Unsupported option GSSAPIAuthentication  和 Unsupported option GSSAPICleanupCredentials)

    会出现以下提示:

    PAM is enabled. You may need to install a PAM control file for sshd, otherwise password authentication may fail.Example PAM control files can be found in the contrib/ subdirectory       cp /etc/init.d/sshd /etc/init.d/sshd_old    cp /etc/pam.d/sshd /etc/pam.d/sshd_old    cd openssh-7.5p1/contrib/redhat    cp sshd.init /etc/init.d/sshd    cp sshd.pam /etc/pam.d/sshd    修改/etc/ssh/sshd_config中 UsePAM yes        make && make install3、重启sshd服务    service sshd restart    ssh -V4、注:ssh升级后,默认关闭root远程登录,如果需要,请打开5、如果无法登录,请修改/etc/pam.d/sshd    auth       required     pam_sepermit.so    auth       include      password-auth    account    required     pam_nologin.so    account    include      password-auth    password   include      password-auth    # pam_seLinux.so close should be the first session rule    session    required     pam_seLinux.so close    session    required     pam_loginuid.so    # pam_seLinux.so open should only be followed by sessions to be executed in the user context    session    required     pam_seLinux.so open env_params    session    required     pam_namespace.so    session    optional     pam_keyinit.so force revoke    session    include      password-auth

0

精彩评论

暂无评论...
验证码 换一张
取 消