In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-16 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
Today, I will talk to you about how to upgrade RHEL6_CentOS6_Openssh8.0p1. Many people may not know much about it. In order to make you understand better, the editor has summarized the following for you. I hope you can get something according to this article.
Create a software storage directory:
-- create a software storage directory, and upload OS images and Openssh-related installation packages to the soft directory
[root@sshupdate ~] #
Mkdir-p / soft
Ll / soft/
Mount OS system Mirror
Mount-o loop / soft/rhel-server-6.9-x86_64-dvd.iso / mnt/
Df-h
The results are as follows:
/ soft/rhel-server-6.9-x86_64-dvd.iso
3.7g 3.7g 0100% / mnt
Configure a local YUM source
[root@sshupdate ~] #
Mkdir-p / etc/yum.repos.d/yumbak
Mv / etc/yum.repos.d/*.repo / etc/yum.repos.d/yumbak/
Ll / etc/yum.repos.d/
[root@sshupdate ~] #
[root@sshupdate ~] # vi / etc/yum.conf
[rheldvd]
Name=rheldvd
Baseurl= file:///mnt
Enabled=1
Gpgcheck=0
[main]
[root@sshupdate ~] # yum list
Loaded plugins: product-id, refresh-packagekit, search-disabled-repos
: subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Installed Packages
ConsoleKit.x86_64 0.4.1-6.el6 @ anaconda-RedHatEnterpriseLinux-201703082046.x86_64/6.9
ConsoleKit-libs.x86_64 0.4.1-6.el6 @ anaconda-RedHatEnterpriseLinux-201703082046.x86_64/6.9
[root@sshupdate] # ssh-V
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
[root@sshupdate ~] #
Turn off the firewall
[root@sshupdate] #
Service iptables stop
Chkconfig iptables off
Chkconfig iptables-list
The results are as follows:
Iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off
Install and configure telnet
[root@sshupdate] # yum install telnet*-y
[root@sshupdate] # vi / etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses\
# unencrypted username/password pairs for authentication.
Service telnet
Disable = yes-- modify yes to: no
}
[root@sshupdate] # mv / etc/securetty / etc/securetty.old
[root@sshupdate] #
Service xinetd start
Service xinetd restart
Chkconfig xinetd on
Chkconfig xinetd-list
The results are as follows:
Xinetd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@sshupdate] #
Test telnet
[root@sshupdate zlib-1.2.11] # telnet 192.168.147.129 or telnet 192.168.147.129 22
Trying 192.168.147.129...
Connected to 192.168.147.129.
Escape character is'^]'.
Red Hat Enterprise Linux Server release 6.9 (Santiago)
Kernel 2.6.32-696.el6.x86_64 on an x861464
Sshupdate login: root-enter the user name
Password:-enter password
Last login: Thu Jun 20 04:25:56 from 192.168.147.1
[root@sshupdate ~] #
[root@sshupdate ~] # exit-- you can exit the telnet operation or not
Install the components required by openssh
[root@sshupdate] # yum install gcc pam-devel zlib-devel-y
Extract the zlib library file
[root@sshupdate ~] #
Cd / soft/openssh-update-8.0p1/
Tar-xvzf zlib-1.2.11.tar.gz
Cd zlib-1.2.11
Configuration check-compile-install zlib
[root@sshupdate zlib-1.2.11] #
. / configure-- prefix=/usr&&make&&make install
[root@sshupdate zlib-1.2.11] #
Echo'/ usr/lib' > > / etc/ld.so.conf
Ldconfig
Cat / usr/lib
[root@sshupdate zlib-1.2.11] # ll / usr/lib/libz.so.1
Lrwxrwxrwx. 1 root root 14 Jun 20 04:37 / usr/lib/libz.so.1-> libz.so.1.2.11
[root@sshupdate zlib-1.2.11] # ll / usr/lib/libz.so
Lrwxrwxrwx. 1 root root 14 Jun 20 04:37 / usr/lib/libz.so-> libz.so.1.2.11
View the installed zlib library
[root@sshupdate] # rpm-qa | grep zlib
Zlib-devel-1.2.3-29.el6.x86_64
Zlib-1.2.3-29.el6.x86_64
Delete the old zlib library
[root@sshupdate] # rpm-e-nodeps zlib
[root@sshupdate] #
[root@sshupdate] # rpm-qa | grep zlib
Rpm: error while loading shared libraries: libz.so.1: cannot open shared object file: No such file or directory
[root@sshupdate] #
Upgrade openssl
[root@sshupdate zlib-1.2.11] # find /-name openssl
/ etc/pki/ca-trust/extracted/openssl
/ usr/lib64/openssl
/ usr/bin/openssl
[root@sshupdate zlib-1.2.11] #
[root@sshupdate zlib-1.2.11] #
Mv / usr/lib64/openssl / usr/lib64/openssl.old
Mv / usr/bin/openssl / usr/bin/openssl.old
Mv / etc/pki/ca-trust/extracted/openssl / etc/pki/ca-trust/extracted/openssl.old
[root@sshupdate zlib-1.2.11] #
Cp / usr/lib64/libcrypto.so.10 / usr/lib64/libcrypto.so.10.old
Cp / usr/lib64/libssl.so.10 / usr/lib64/libssl.so.10.old
[root@sshupdate zlib-1.2.11] # rpm-qa | grep openssl | xargs
Openssl-1.0.1e-57.el6.x86_64
[root@sshupdate ~] #
Rpm-qa | grep openssl | xargs-I rpm-e-- nodeps {}
Rpm-qa | grep openssl | xargs
[root@sshupdate ~] #
Cd / soft/openssh-update-8.0p1/
Tar-xvzf openssl-1.0.2s.tar.gz
Cd openssl-1.0.2s
. / config-- prefix=/usr/-- openssldir=/etc/ssl-- shared zlib
Make
Make test
Make install
View the upgraded Openssl version
[root@sshupdate openssl-1.0.2s] # openssl version
OpenSSL 1.0.2s 28 May 2019
[root@sshupdate openssl-1.0.2s] #
Restore library files
[root@sshupdate openssl-1.0.2s] #
Mv / usr/lib64/libcrypto.so.10.old / usr/lib64/libcrypto.so.10
Mv / usr/lib64/libssl.so.10.old / usr/lib64/libssl.so.10
Mv / etc/ssh / etc/ssh.old
Upgrade Openssh
Rpm-qa | grep openssh
Rpm-qa | grep openssh | xargs-I rpm-e-- nodeps {}
Rpm-qa | grep openssh
Install-v-m700-d / var/lib/sshd
Chown-v root:sys / var/lib/sshd/
Groupadd-g 50 sshd
Useradd-c 'sshd PrivSep'-d / var/lib/sshd-g sshd-s / bin/false-u 50 sshd
[root@sshupdate] #
Cd / soft/openssh-update-8.0p1/
Tar-xvzf openssh-8.0p1.tar.gz
Cd / soft/openssh-update-8.0p1/openssh-8.0p1
. / configure-- prefix=/usr-- sysconfdir=/etc/ssh-- with-md5-passwords-- with-pam--with-zlib-- with-openssl-includes=/usr-- with-privsep-path=/var/lib/sshd-- Note: it is an one-line command
Make
Make install
The results are as follows:
/ bin/mkdir-p / etc/ssh
Ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519
/ usr/sbin/sshd-t-f / etc/ssh/sshd_config
[root@sshupdate openssh-8.0p1] #
[root@sshupdate openssh-8.0p1] #
Install-v-m755 contrib/ssh-copy-id / usr/bin/
Install-v-m644 contrib/ssh-copy-id.1 / usr/share/man/man1
Install-v-m755-d / usr/share/doc/openssh-8.0p1
Install-v-m744 INSTALL LICENCE OVERVIEW README* / usr/share/doc/openssh-8.0p1/
[root@sshupdate openssh-8.0p1] # ssh- V
OpenSSH_8.0p1, OpenSSL 1.0.2s 28 May 2019
[root@sshupdate openssh-8.0p1] #
[root@sshupdate openssh-8.0p1] #
Echo "X11Forwarding yes" > > / etc/ssh/sshd_config
Echo "PermitRootLogin yes" > > / etc/ssh/sshd_config
Cat / etc/ssh/sshd_config
The results are as follows:
... Omit...
X11Forwarding yes
PermitRootLogin yes
[root@sshupdate openssh-8.0p1] #
[root@sshupdate openssh-8.0p1] #
Cp-p contrib/redhat/sshd.init / etc/init.d/sshd
Chmod + x / etc/init.d/sshd
Ll / etc/init.d/sshd
Chkconfig-add sshd
Chkconfig sshd on
Chkconfig sshd-list
The results are as follows:
Sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@sshupdate openssh-8.0p1] #
[root@sshupdate openssh-8.0p1] # vi / etc/selinux/config
SELINUX=enforcing-modify enforcing to: disabled-- be sure to modify it or ssh cannot log in normally
[root@sshupdate openssh-8.0p1] # reboot
[root@sshupdate] #
[root@sshupdate ~] # vi / etc/xinetd.d/telnet
# default: on
# description: The telnet server serves telnet sessions; it uses\
# unencrypted username/password pairs for authentication.
Service telnet
Disable = no-- modify no to: yes
}
[root@sshupdate ~] #
[root@sshupdate ~] # mv / etc/securetty.old / etc/securetty
[root@sshupdate ~] #
Service xinetd stop
Chkconfig xinetd off
Chkconfig xinetd-list
The results are as follows:
Xinetd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@sshupdate ~] #
Method 2:
Mount-o loop / soft/rhel-server-6.9-x86_64-dvd.iso / mnt/
Yum remove telnet*-y
[root@sshupdate ~] #
[root@sshupdate] # ssh-V
OpenSSH_8.0p1, OpenSSL 1.0.2s 28 May 2019
[root@sshupdate ~] #
[root@sshupdate ~] #
[root@sshupdate ~] # reboot-- restart normal login
[root@sshupdate ~] #
After reading the above, do you have any further understanding of how to upgrade RHEL6_CentOS6_Openssh8.0p1? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
