#安裝telnet
yum install xinetd telnet-server telnet -y
#開啟服務
systemctl start telnet.socket
service xinetd start
#關閉防火牆(或者開啟23端口)
systemctl stop firewalld.service
systemctl disable firewalld.service
#安裝wget
yum install -y wget
#安裝tar
yum install -y tar
#軟體包準備
cd /usr/local/src/openssh #解壓目錄
wget --no-check-certificate https://www.zlib.net/zlib-1.2.12.tar.gz
wget --no-check-certificate https://www.openssl.org/source/openssl-1.1.1p.tar.gz
wget --no-check-certificate https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz
#解壓軟體包
tar -zxvf zlib-1.2.12.tar.gz
tar -zxvf openssl-1.1.1p.tar.gz
tar -zxvf openssh-9.0p1.tar.gz
#備份
mv /etc/ssh /etc/ssh.bak
mv /etc/init.d/sshd /etc/init.d/sshd.bak
mv /usr/bin/openssl /usr/bin/openssl.bak
##解除安裝原有的openssh
rpm -e --nodeps `rpm -qa | grep openssh`
###安裝相關依賴包
yum install vim gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel zlib-devel tcp_wrappers-devel tcp_wrappers
#進入zlib解壓目錄
cd zlib-1.2.12
#編譯安裝
./configure --prefix=/usr/local/zlib
make && make test && make install
#
ll /usr/local/zlib
ldconfig -v
/sbin/ldconfig
#進入openssl解壓目錄
cd ..
cd openssl-1.1.1p
#編譯安裝
./config shared zlib --prefix=/usr/local/ssl
make clean && make -j 4 && make install
#更新函數庫
echo "/usr/lcoal/ssl/lib" >> /etc/ld.so.conf
ldconfig
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/ssl/lib/libssl.so.1.1 /usr/lib64/libssl.so.1.1
ln -s /usr/local/ssl/lib/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1
#檢查是否更新成功
openssl version -a
#進入openssh解壓目錄
cd ..
cd openssh-9.0p1
#編譯安裝
./configure --prefix=/usr/local/ssh --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/ssl --with-zlib=/usr/local/zlib --with-selinux
make -j 4 && make install
#檢視目錄版本
/usr/local/ssh/bin/ssh -V
#複制新ssh檔案
cp -rf contrib/redhat/sshd.init /etc/init.d/sshd
cp -rf contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
mv /etc/ssh/sshd_config /etc/ssh/sshd_config_orig
cp -rf sshd_config /etc/ssh/sshd_config
cp -rf /usr/local/ssh/sbin/sshd /usr/sbin/sshd
cp -rf /usr/local/ssh/bin/ssh /usr/bin/ssh
cp -rf /usr/local/ssh/bin/ssh-keygen /usr/bin/ssh-keygen
#開啟sshd
chmod u+x /etc/init.d/sshd
chkconfig --add sshd ##自啟動
chkconfig --list |grep sshd
chkconfig sshd on
#允許root登入
echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
echo 'Subsystem sftp /usr/local/ssh/libexec/sftp-server'>> /etc/ssh/sshd_config
#重新開機sshd服務
/etc/init.d/sshd restart
/etc/init.d/sshd status