运维开发网

centos7 rpmbuild打包openssh8.0p1并升级

运维开发网 https://www.qedev.com 2021-01-12 12:41 出处:51CTO 作者:丶老龚
openssh8.0p1官方源码build成rpm后,用rpm进行升级

此文档提供方法为官方源码build成rpm后,用rpm进行升级,在Centos7.5.1804下实现,其他环境未经测试。

1.Rpmbuild打包

 

Rpmbuild环境要与目标环境一样(即在centos7.5.1804上编译)

 

#安装依赖

yum install rpm-build pam-devel zlib zlib-devel perl krb5-devel pam-devel gcc make wget libX11-devel xmkmf libXt-devel initscripts -y

yum install openssl openssl-devel -y

#创建编译目录

mkdir -p ~/rpmbuild/{SOURCES,SPECS} && cd ~/rpmbuild/SOURCES/

#下载源码包和依赖包

wget http://ftp.riken.jp/Linux/momonga/6/Everything/SOURCES/x11-ssh-askpass-1.2.4.1.tar.gz

wget https://cloudflare.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz

tar xf openssh-8.0p1.tar.gz

#拷贝配置文件

cp openssh-8.3p1/contrib/redhat/openssh.spec ~/rpmbuild/SPECS/

cd ~/rpmbuild/SPECS/

#修改配置文件

sed -i -e "s/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g" openssh.spec

sed -i -e "s/%define no_x11_askpass 0/%define no_x11_askpass 1/g" openssh.spec

#编译

rpmbuild -ba openssh.spec

#如果编译过程中报openssl-devel的问题,可以下面注释掉依赖

sed -i 's/BuildRequires: openssl-devel < 1.1/#BuildRequires: openssl-devel < 1.1/g' openssh.spec

2. 安装包说明

[[email protected] tmp]# ll

total 8300

-rw-r--r--. 1 root root 4034560 Jan  8 11:13 openssh-8.0p1-1.el7.offline.tar  #U盘携带包

-rw-r--r--. 1 root root 4464640 Jan  7 16:44 openssh-8.3p1-1.el7.offline.tar

[[email protected] tmp]# tar xf openssh-8.0p1-1.el7.offline.tar

[[email protected] tmp]# ll openssh-8.0p1-1.el7.offline

total 3936

-rw-r--r--. 1 root root  514232 Jan  8 11:12 openssh-8.0p1-1.el7.centos.x86_64.rpm

-rw-r--r--. 1 root root  505616 Jan  8 11:12 openssh-clients-8.0p1-1.el7.centos.x86_64.rpm

-rw-r--r--. 1 root root 2603832 Jan  8 11:12 openssh-debuginfo-8.0p1-1.el7.centos.x86_64.rpm

-rw-r--r--. 1 root root  400260 Jan  8 11:12 openssh-server-8.0p1-1.el7.centos.x86_64.rpm

[[email protected] openssl-1.1.1i.el7.offline]#

 

注:以上rpm包为根据官方源码包openssh-8.0p1.tar.gz rpmbuild生成

 

3.安装

 

2.1.安装前查看状态

[[email protected] openssh-8.0p1-1.el7.offline]# rpm -qa |grep openssh

openssh-server-7.4p1-16.el7.x86_64

openssh-clients-7.4p1-16.el7.x86_64

openssh-7.4p1-16.el7.x86_64

2.2.执行升级

[[email protected] openssh-8.0p1-1.el7.offline]# ll

total 3936

-rw-r--r--. 1 root root  514232 Jan  8 11:12 openssh-8.0p1-1.el7.centos.x86_64.rpm

-rw-r--r--. 1 root root  505616 Jan  8 11:12 openssh-clients-8.0p1-1.el7.centos.x86_64.rpm

-rw-r--r--. 1 root root 2603832 Jan  8 11:12 openssh-debuginfo-8.0p1-1.el7.centos.x86_64.rpm

-rw-r--r--. 1 root root  400260 Jan  8 11:12 openssh-server-8.0p1-1.el7.centos.x86_64.rpm

[[email protected] openssh-8.0p1-1.el7.offline]# rpm -Uvh *.rpm

Preparing...                          ################################# [100%]

Updating / installing...

   1:openssh-8.0p1-1.el7.centos       ################################# [ 14%]

   2:openssh-clients-8.0p1-1.el7.cento################################# [ 29%]

   3:openssh-server-8.0p1-1.el7.centos################################# [ 43%]

   4:openssh-debuginfo-8.0p1-1.el7.cen################################# [ 57%]

Cleaning up / removing...

   5:openssh-server-7.4p1-16.el7      ################################# [ 71%]

   6:openssh-clients-7.4p1-16.el7     ################################# [ 86%]

   7:openssh-7.4p1-16.el7             ################################# [100%]

 

2.3.安装新版本及验证

[[email protected] openssh-8.0p1-1.el7.offline]# rpm -qa |grep openssh

openssh-clients-8.0p1-1.el7.centos.x86_64

openssh-debuginfo-8.0p1-1.el7.centos.x86_64

openssh-8.0p1-1.el7.centos.x86_64

openssh-server-8.0p1-1.el7.centos.x86_64

[[email protected] openssh-8.0p1-1.el7.offline]# ssh -V

OpenSSH_8.0p1, OpenSSL 1.0.2k-fips  26 Jan 2017

以上openssh的版本更新成功,但ssh无法启动,下面操作去解决。

2.4.更新下面3个sshd_config配置参数如下:

# grep -E 'PermitRootLogin|UsePAM|PasswordAuthentication' /etc/ssh/sshd_config |grep -Ev '^#'

PermitRootLogin yes

PasswordAuthentication yes

UsePAM no

2.5.重启sshd服务,验证SSH可正常登陆

[[email protected] openssh-8.0p1-1.el7.offline]# systemctl restart sshd

 

 

扫码领视频副本.gif

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号