Shulou(Shulou.com)06/01 Report--

This article introduces the relevant knowledge of "the upgrade and installation method of ssh in linux". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

First, install Zlib

1. Download the latest version of Zlib

Zlib official website: http://www.zlib.net/

# cd / usr/local/src

# wget-c http://www.zlib.net/zlib-1.2.3.tar.gz

2. Compile and install Zlib

# tar xzvf zlib-1.2.3.tar.gz

# cd zlib-1.2.3

#. / configure-prefix=/usr/local/zlib

# make

# make install

In this way, the zlib compilation is installed in the

/ usr/local/zilib got it.

Second, install OpenSSL

1. Download the latest version of OpenSSL

OpenSSL's official website: http://www.openssl.org

# cd / usr/local/src

# wget-c http://www.openssl.org/source/openssl-0.9.8d.tar.gz

2. Compile and install OpenSSL

# tar xzvf openssl-0.9.8d.tar.gz

# cd openssl-0.9.8d

#. / Configure-prefix=/usr/local/openssl

# make

# make test (this step is very important! Is to conduct a complete test of the SSL encryption protocol, if there is an error, you must first find out the reason, otherwise blindly continue may lead to the final SSH can not be used, the consequences are very serious!)

# make install

Third, install OpenSSH

1. Download the latest version of OpenSSH

OpenSSH's official website: http://www.openssh.com

# cd / usr/local/src

# wget-c ftp://ftp.it.net.au/mirrors/OpenBSD/OpenSSH/portable/openssh-4.5p1.tar.gz

2. Compile and install OpenSSH

# tar xzvf openssh-4.5p1.tar.gz

# cd openssh-4.5p1

#. / configure-prefix=/usr-sysconfdir=/etc/ssh-with-pam-with-zlib=/usr/local/zlib-with-ssl-dir=/usr/local/openssl-with-md5-passwords

(note that if PAM is prompted for an error during configure, it is usually because the pam-devel RPM package is not installed on the system. Find the installation CD and install pam-devel will solve the problem.)

# make

# make install

This completes the whole work of installing SSH, and after the installation is complete, we also need to modify the configuration file of OpenSSH to further improve security. Through the installation completed by the above steps, the configuration file for OpenSSH is under / etc/ssh, where the configuration file for SSH Server is sshd_config.

# vi / etc/ssh/sshd_config

Find:

CODE:

# Protocol 2jue 1 is modified to:

Protocol 2 thus disables the ssh v1 protocol, using only the more secure ssh v2 protocol.

X11Forwarding yes is modified to:

X11Forwarding no disables X11 forwarding.

Save and exit after modification.

● generates ssh service management scripts

Enter the ssh decompression directory

# cd / contrib/redhat

# cp sshd.init / etc/init.d/sshd

# chmod + x / etc/init.d/sshd

# chkconfig-add sshd

Finally, start the SSH service to make the changes take effect:

# / etc/init.d/sshd restart

Check whether the current OpenSSH and OpenSSL are correct after rebooting:

# ssh-v

If you see the new version number, there will be no problem!

Waiting alone for replenishment:

In the course of practice, the following problems are found:

1. Prompt Starting sshd:WARNING: initlog is deprecated and will be removed in a future release

According to the information obtained from foreign websites, change initlog-c "$SNMPD $OPTIONS" & & success | | failure

For "$SNMPD $OPTIONS" & & success | | failure means removing the previous initlog-c result still won't solve the problem.

Check the data again and find that the compiled and installed ssh needs to change the file path when starting the service and must pay attention to modify the path, otherwise an error will be reported.

# [- f / etc/sysconfig/sshd] & &. / etc/sysconfig/sshd

KEYGEN=/usr/local/bin/ssh-keygen

SSHD=/usr/local/sbin/sshd

RSA1_KEY=/usr/local/etc/ssh_host_key

RSA_KEY=/usr/local/etc/ssh_host_rsa_key

DSA_KEY=/usr/local/etc/ssh_host_dsa_key

Please change according to your actual situation!

This is the end of the content of "how to upgrade and install ssh in linux". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.