Administrator
发布于 2024-05-16 / 29 阅读

openssh版本升级

通过命令查看目前系统的ssh和sshd版本:

# Record the client and server versions currently installed, before the upgrade.
ssh -V
# NOTE(review): older sshd builds may not accept -V and instead print the version
# as part of a usage message — confirm on the target host.
sshd -V

更新依赖包

ubuntu

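# Refresh the package index; this needs root just like the installs below.
sudo apt-get update
# Compiler toolchain plus the development headers used by the two source builds.
# zlib1g-dev is added because OpenSSH's configure script normally requires the
# zlib headers and stops without them.
sudo apt-get install build-essential libpcre3 libpcre3-dev libssl-dev zlib1g-dev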

centos

# Apply all pending package updates before building.
yum update
# Perl module installed ahead of the OpenSSL build (presumably needed by its
# configuration script — confirm).
# NOTE(review): assumes gcc, make and the zlib development headers are already
# installed on this host — confirm before building.
yum -y install perl-IPC-Cmd

下载最新版openssh和openssl:

openssh下载网址:https://www.openssh.com/releasenotes.html

openssl下载网址:https://www.openssl.org/source/

把压缩包上传到/usr下面。解压之前先核对下载文件的完整性:用 sha256sum 计算校验值并与官网公布的值比对,或用 gpg --verify 验证官方发布签名,确认无误后再解压。本文以

openssl-3.3.0.tar.gz和openssh-9.7p1.tar.gz 作为示例(版本号仅为示例,实际请使用官网当前最新的稳定版)

# Build OpenSSL from the unpacked source tree.
cd /usr/openssl-3.3.0

# Private install prefix, kept separate from the distribution's own OpenSSL files.
mkdir -p /usr/openssh/openssl-3.3.0

# Everything (binaries, libraries, headers) is installed under this prefix.
./config --prefix=/usr/openssh/openssl-3.3.0

# NOTE(review): this build is not tracked by the package manager, so it receives
# no automatic security updates; it has to be rebuilt for each new release.
make install

安装完配置文件

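vim /etc/profile
# Append the following lines.

# Prepend the private OpenSSL library directory. The ${VAR:+...} form avoids a
# trailing ":" when LD_LIBRARY_PATH was previously unset; an empty entry makes
# the dynamic loader search the current working directory for libraries.
# NOTE(review): set in /etc/profile, this applies to every program started from
# a login shell, not only to OpenSSH.
export LD_LIBRARY_PATH=/usr/openssh/openssl-3.3.0/lib64${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
# The OpenSSL entry points at the bin directory, where the openssl binary is installed.
export PATH=/usr/openssh/openssh-9.7p1/bin:/usr/openssh/openssh-9.7p1/sbin:/usr/openssh/openssl-3.3.0/bin:$PATH

source /etc/profile
# This replaces the package-managed /usr/bin/openssl with a link to the private
# build; a later package update may put the distribution binary back.
sudo ln -sf /usr/openssh/openssl-3.3.0/bin/openssl /usr/bin/openssl

# Check the version now in use.
openssl version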

下面安装openssh

# Build OpenSSH from the unpacked source tree.
cd /usr/openssh-9.7p1

# Private install prefix; the distribution's OpenSSH files are not overwritten.
mkdir -p /usr/openssh/openssh-9.7p1

# Link against the OpenSSL build installed in the previous step.
# NOTE(review): --with-pam is not passed, so this sshd will presumably not use
# PAM; confirm that no PAM-based policy (MFA, account lockout) is relied on.
./configure --prefix=/usr/openssh/openssh-9.7p1 --with-ssl-dir=/usr/openssh/openssl-3.3.0

# NOTE(review): the install step presumably generates fresh host keys under the
# prefix's etc directory when none exist — clients would then see a changed
# host key unless the existing keys are carried over.
make install

vim /usr/openssh/openssh-9.7p1/etc/sshd_config

# Uncomment (enable) this setting.
# prohibit-password lets root log in with a key but disables password and
# keyboard-interactive authentication for root.
PermitRootLogin prohibit-password

vim /usr/lib/systemd/system/sshd9.service

# Add the following content.
[Unit]
Description=OpenSSH server daemon
After=network.target

[Service]
Type=simple
# The private OpenSSL library path is set for this service only.
Environment=LD_LIBRARY_PATH=/usr/openssh/openssl-3.3.0/lib64
# -D keeps sshd in the foreground (matches Type=simple); -f selects the config
# file of the private build instead of /etc/ssh/sshd_config.
ExecStart=/usr/openssh/openssh-9.7p1/sbin/sshd -D -f /usr/openssh/openssh-9.7p1/etc/sshd_config
# SIGHUP makes sshd re-read its configuration.
ExecReload=/bin/kill -HUP $MAINPID
# Only the main sshd process is killed on stop, so established sessions are
# left running across a stop or restart.
KillMode=process
Restart=on-failure
RestartSec=42s

[Install]
# Takes effect only once the unit has been enabled with systemctl enable.
WantedBy=multi-user.target

停用原sshd服务,并备份相关文件

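# Keep the current SSH session open for the whole switch-over and confirm a new
# login from a second terminal before closing it; otherwise a failed start of
# the new daemon locks you out of a remote host.

# Carry the existing host keys over so clients keep seeing the same host
# identity instead of a host-key-changed warning.
cp -p /etc/ssh/ssh_host_* /usr/openssh/openssh-9.7p1/etc/

# Validate the new configuration and host keys before the old daemon is touched.
LD_LIBRARY_PATH=/usr/openssh/openssl-3.3.0/lib64 \
  /usr/openssh/openssh-9.7p1/sbin/sshd -t -f /usr/openssh/openssh-9.7p1/etc/sshd_config

systemctl daemon-reload

# Stop and disable the distribution's daemon so the port is free.
# NOTE(review): on Ubuntu the distribution unit is usually named ssh.service —
# adjust the name if sshd.service is not found.
systemctl stop sshd.service

systemctl disable sshd.service

systemctl start sshd9.service

# Enable the new unit as well, otherwise no SSH daemon starts after a reboot.
systemctl enable sshd9.service

systemctl status sshd9.service

# Back up the old files only after a fresh login through the new daemon works.
# The backup holds the host private keys, so the directory is created with
# mode 700.
mkdir -m 700 /home/ssh-old-bak

mv /etc/ssh /home/ssh-old-bak/

mv /usr/sbin/sshd /home/ssh-old-bak/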

输出中显示 Active: active (running),即为成功

以下为配置ssh key

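cd /root

# Create the .ssh directory if it does not exist yet and restrict it to the
# owner before anything is written into it.
mkdir -p ~/.ssh
chmod 700 ~/.ssh

# Add the public key(s) allowed to log in, one per line.
vim ~/.ssh/authorized_keys

# Set the file permissions right after editing rather than after the restart.
chmod 600 ~/.ssh/authorized_keys

# Restart ssh. Not needed for key changes alone, since authorized_keys is read
# on every login; it is needed after editing sshd_config.
systemctl restart sshd9.service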

