2024-05-07 15:44:41
浏览数 (3)
一 CentOS7.6
代码语言:bash
复制yum install -y gcc gcc-c glibc make autoconf pcre-devel
pam-devel automake makedepend perl-Test-Simple perl zlib zlib-devel
find / -name openssl
unalias mv
unalias rm
mv /usr/bin/openssl /usr/bin/openssl.2023.bak
mv /usr/lib64/openssl /usr/lib64/openssl.2023.bak
mv /usr/include/openssl /usr/include/openssl.2023.bak
mv /etc/pki/ca-trust/extracted/openssl /etc/pki/ca-trust/extracted/openssl.2023.bak
mkdir -p /tmp/newOpenssh
cd /tmp/newOpenssh
#上传安装包openssl-1.1.1l.tar.gz
tar -zxvf openssl-1.1.1l.tar.gz
cd openssl-1.1.1l
./config shared -fPIC
make depend
make && make install
echo $?
unalias cp
cp -rvf include/openssl /usr/include/
ln -s /usr/local/bin/openssl /usr/bin/openssl
ln -snf /usr/local/lib64/libssl.so.1.1 /usr/lib64/libssl.so
ln -snf /usr/local/lib64/libssl.so.1.1 /usr/lib64/libssl.so.1.1
ln -snf /usr/local/lib64/libcrypto.so.1.1 /usr/lib64/libcrypto.so
ln -snf /usr/local/lib64/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1
echo "/usr/local/lib64" >> /etc/ld.so.conf
ldconfig
cp /usr/local/bin/openssl /usr/bin/openssl
openssl version
yum-y install gcc gcc-c autoconf libjpeg libjpeg-devel libpng libpng-develfreetype
freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-develglib2 glib2-devel
bzip2 bzip2-devel ncurses ncurses-devel curl curl-devele2fsprogs e2fsprogs-devel krb5
krb5-devel libidn libidn-devel opensslopenssl-devel openldap openldap-devel nss_ldap
openldap-clientsopenldap-servers
升级openssh
cd /tmp/newOpenssh
上传安装包 openssh-9.0p1.tar.gz
#备份openssh:
ls -lrt /usr/bin/ssh
ls -lrt /usr/sbin/sshd
ls -lrt /etc/ssh
mv /usr/bin/ssh /usr/bin/ssh.bak.2023
mv /usr/sbin/sshd /usr/sbin/sshd.bak.2023
mv /etc/ssh /etc/ssh.bak.2023
cd /tmp/newOpenssh
tar -zxvf openssh-9.0p1.tar.gz
cd openssh-9.0p1/
./configure --prefix=/usr/ --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/ssl --with-zlib --with-md5-passwords --with-pam --with-ssl-engine
make && make install
echo $?
ssh -V
cp -a ./contrib/redhat/sshd.init /etc/init.d/sshd
cp -a ./contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
systemctl stop sshd.service
mv /usr/lib/systemd/system/sshd.service /usr/lib/systemd/system/sshd.service.bak
mv /etc/ssh/sshd_config /etc/ssh/sshd_config-2023
cp /etc/ssh.bak.2023/sshd_config /etc/ssh/
systemctl daemon-reload
/etc/init.d/sshd start
cp /run/systemd/generator.late/sshd.service /usr/lib/systemd/system/sshd.service
systemctl daemon-reload ; systemctl restart sshd ;systemctl enable sshd
systemctl status sshd
ssh -V
二 CentOS7.9
代码语言:bash
复制
#!/bin/bash
rm -rf /opt/openss*
cd /opt
echo -e "Install_openssl"
sleep 3
wget https://www.openssl.org/source/openssl-1.1.1w.tar.gz --no-check-certificate
tar -zxvf openssl-1.1.1w.tar.gz
cd openssl-1.1.1w/
./config --prefix=/usr/local/openssl
./config -t
make -j 4 && make install
sleep 2
if [ $? -eq 0 ]; then
ldd /usr/local/openssl/bin/openssl
echo "/usr/local/openssl/lib" >>/etc/ld.so.conf
ldconfig -v
mv /usr/bin/openssl /usr/bin/openssl.bak
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ll /usr/bin/openssl
ldd /usr/local/openssl/bin/openssl
else
echo -e "flase"
sleep 2
exit
fi
sleep 1
echo -e "