#!/bin/bash## 准备编译环境apt-get install libpam0g-dev gcc zlib1g-dev -y# 【openssl】# 备份当前opensslmv /usr/bin/openssl /usr/bin/openssl_bakmv /usr/include/openssl /usr/include/openssl_bak# 编译安装openssltar xf openssl-1.0.2u.tar.gzcd openssl-1.0.2u./config shared && make && make install# 创建软连接ln -s /usr/local/ssl/bin/openssl /usr/bin/opensslln -s /usr/local/ssl/include/openssl /usr/include/openssl# 加载新配置echo "/usr/local/ssl/lib" >> /etc/ld.so.conf/sbin/ldconfig# 查看当前openssl 版本openssl versioncd ..# 【openssh】# 编译安装tar xf openssh-8.8p1.tar.gzcd openssh-8.8p1./configure --prefix=/usr/local/myssh_8.8p1 \--sysconfdir=/usr/local/myssh_8.8p1/ssh \--with-openssl-includes=/usr/local/ssl/include \-with-ssl-dir=/usr/local/ssl \--with-privsep-user=sshd --with-zlib \--with-pam \--with-md5-passwords \--without-openssl-header-checkmake && make install# 备份opensshmv /etc/init.d/sshd /etc/init.d/sshd.bakmv /usr/sbin/sshd /usr/sbin/sshd.bakmv /etc/ssh/sshd_config /etc/ssh/sshd_config.bak_`date '+%Y%m%d'`# 创建软连接ln -s /usr/local/myssh_8.8p1/sbin/sshd /usr/sbin/sshdln -s /usr/local/myssh_8.8p1/ssh/sshd_config /etc/ssh/sshd_config#sed -i '20a PermitRootLogin yes' /usr/local/myssh_8.8p1/ssh/sshd_config# 避开绿盟安全扫描echo "Protocol 2" >> /usr/local/myssh_8.8p1/ssh/sshd_configecho "Banner /etc/ssh_banner" >> /usr/local/myssh_8.8p1/ssh/sshd_config# systemctl restart sshd
若有收获,就点个赞吧
0 人点赞
