1. #!/bin/bash
    2. ###By:Eren 2020-05-26
    3. ######################
    4. #安装包存放目录/tmp
    5. ######################
    6. cd /tmp/openssh
    7. #安装本地依赖包
    8. yum -y localinstall /tmp/openssh/*.rpm >/dev/null
    9. if [ $? -eq 0 ];then
    10. echo -e "依赖包安装成功" "\033[32m Success\033[0m"
    11. else
    12. echo -e "依赖包安装失败" "\033[31m Failure\033[0m"
    13. sleep 3
    14. exit 1
    15. fi
    16. #部署openssl
    17. cd /tmp/openssh/openssl-1.1.1g/
    18. ./config --prefix=/usr/local/ssl shared >/dev/null
    19. if [ $? -eq 0 ];then
    20. make > /dev/null 2>&1
    21. make install > /dev/null 2>&1
    22. else
    23. echo -e "编译安装OpenSSL失败" "\033[31m Failure\033[0m"
    24. sleep 3
    25. exit 2
    26. fi
    27. echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
    28. /sbin/ldconfig -v
    29. mv /usr/bin/openssl  /usr/bin/openssl.old
    30. ln -s /usr/local/ssl/bin/openssl  /usr/bin/openssl
    31. ln -s /usr/local/ssl/include/openssl  /usr/include/openssl
    32. ln -s /usr/local/ssl/lib/libssl.so /usr/local/lib64/libssl.so
    33. strings /usr/local/lib64/libssl.so |grep OpenSSL
    34. /usr/bin/openssl version
    35. cp /etc/pam.d/sshd  /etc/pam.d/sshd.old
    36. cp /etc/ssh/sshd_config /etc/ssh/sshd_config.old
    37. #部署openssh
    38. cd /tmp/openssh/openssh-8.3p1/
    39. install -v -m700 -d /var/lib/sshd 
    40. chown -v root:sys /var/lib/sshd
    41. /usr/bin/autoreconf
    42. #编译openssh
    43. ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-openssl-includes=/usr/local/ssl/lib --with-privsep-path=/var/lib/sshd --with-ssl-dir=/tmp/openssh/openssl-1.1.1g >/dev/null 2>&1
    44. if [ $? -eq 0 ];then
    45. make >/dev/null 
    46. echo -e "编译openssh成功" "\033[32m Success\033[0m"
    47. else
    48. echo -e "编译OpenSSH失败" "\033[31m Failure\033[0m"
    49. sleep 3
    50. exit 3
    51. fi
    52. #安装openssh
    53. if [ $? -eq 0 ];then
    54. make install >/dev/null
    55. echo -e "OpenSSH安装成功" "\033[32m Success\033[0m"
    56. else
    57. echo -e "OpenSSH安装失败" "\033[31m Failure\033[0m"
    58. sleep 3
    59. exit 4
    60. fi
    61. #更新ssh配置文件
    62. sed -i 's|GSSAPIAuthentication yes|#GSSAPIAuthentication yes|' /etc/ssh/ssh_config
    63. cat /tmp/openssh/sshd_config >/etc/ssh/sshd_config
    64. chmod 600 /etc/ssh/ssh_host_rsa_key
    65. chmod 600 /etc/ssh/ssh_host_ecdsa_key
    66. chmod 600 /etc/ssh/ssh_host_ed25519_key
    67. #更新ssh服务启动配置文件
    68. rm -rf /usr/lib/systemd/system/sshd.service
    69. systemctl daemon-reload
    70. cp /tmp/openssh/openssh-8.3p1/contrib/redhat/sshd.init /etc/init.d/sshd
    71. chkconfig --add sshd
    72. chkconfig sshd on
    73. /etc/init.d/sshd restart
    74. /etc/init.d/sshd status
    75. #验证升级版本
    76. ssh -V
    77. echo -e "OpenSSH安装完成" "\033[31m Success\033[0m"