标签:bad 永久 init ica pam 说明 tps roo financial
- 自行配置系统网络yum源。
RedHat_6.5 OpenSSH_5.3p1 RedHat_6.8 OpenSSH_5.3p1 RedHat_6.9 OpenSSH_5.3 RedHat_7.4 OpenSSH_7.4p1 RedHat_7.5 OpenSSH_7.4p1 CentOS_7.4.1708 OpenSSH_7.4p1 Ubuntu_16.04.1 OpenSSH_7.2p2
[root@centos7 ~]# cat /etc/motd
Welcome to **** Financial Cloud Elastic Compute Service !
This ECS instance is based on image CentOS_7.4_baseline_20190702
sed -i ‘$a\172.190.10.204 mirrors.htsec.com‘ /etc/hosts
yum update -y openssh openssl yum install -y gcc gcc-c++ glibc make autoconf openssl-devel pcre-devel pam-devel
官网站点下载地址 https://cloudflare.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/
tar -zxf /home/openssh-*tar.gz -C /home
mv /etc/ssh /etc/ssh.old #或者直接删除 rm -rf /etc/ssh/*
rpm -qa | grep openssh |xargs -n1 rpm -e --nodeps #卸载前后查询rpm包。 [root@localhost src]# rpm -qa | grep openssh openssh-clients-6.4p1-8.el7.x86_64 openssh-server-6.4p1-8.el7.x86_64 openssh-6.4p1-8.el7.x86_64
cd /home/openssh-*p1/
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-ssh1
make && make install
cd /home/openssh-*p1/
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
chmod +x /etc/init.d/sshd
chkconfig --add sshd
systemctl enable sshd #此命令只适用于centos7以上操作系统。
mv /usr/lib/systemd/system/sshd.service /home rm -rf /usr/lib/systemd/system/sshd.service
[root@linux-node3 ~]# chkconfig sshd on Note: Forwarding request to ‘systemctl enable sshd.socket‘. Created symlink from /etc/systemd/system/sockets.target.wants/sshd.socket to /usr/lib/systemd/system/sshd.socket.
centos 7版本以上
systemctl stop firewalld #关闭防火墙。 setenforce 0 #临时关闭SELinux,不需重启。 sed -i ‘s/^SELINUX=enforcing/SELINUX=disabled/g‘ /etc/selinux/config #永久关闭selinux,需重启生效。centos 6版本以下service iptables status service iptables stop setenforce 0 #临时关闭SELinux,不需重启。 sed -i ‘s/^SELINUX=enforcing/SELINUX=disabled/g‘ /etc/selinux/config #永久关闭selinux,需重启生效。
sed -i ‘s/^#PermitRootLogin prohibit-password/PermitRootLogin yes/g‘ /etc/ssh/sshd_configsed -i ‘s/^#UseDNS no/UseDNS no/g‘ /etc/ssh/sshd_configsed -i ‘s/^#PasswordAuthentication yes/PasswordAuthentication yes/g‘ /etc/ssh/sshd_configservice sshd restart #重新启动服务
[root@linux-node3 ~]# /etc/init.d/sshd restart
Restarting sshd (via systemctl): [ OK ]
[root@linux-node3 ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 31800/sshd
tcp6 0 0 :::22 :::* LISTEN 31800/sshd
tcp6 0 0 :::23 :::* LISTEN 1/systemd
[root@linux-node3 ~]# /etc/init.d/sshd stop
Stopping sshd (via systemctl): [ OK ]
[root@linux-node3 ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp6 0 0 :::23 :::* LISTEN 1/systemd
[root@linux-node3 ~]# /etc/init.d/sshd start
Starting sshd (via systemctl): [ OK ]
使用systemd方式启停也可以。此命令只适用于centos7以上操作系统
[root@linux-node3 ~]# systemctl stop sshd [root@linux-node3 ~]# netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp6 0 0 :::23 :::* LISTEN 1/systemd [root@linux-node3 ~]# systemctl start sshd [root@linux-node3 ~]# netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 31958/sshd tcp6 0 0 :::22 :::* LISTEN 31958/sshd tcp6 0 0 :::23 :::* LISTEN 1/systemd [root@linux-node3 ~]# systemctl restart sshd [root@linux-node3 ~]# netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 31999/sshd tcp6 0 0 :::22 :::* LISTEN 31999/sshd tcp6 0 0 :::23 :::* LISTEN 1/systemd
15.验证是否升级成功
[root@linux-node3 ~]# ssh -V OpenSSH_8.0p1, OpenSSL 1.0.2k-fips 26 Jan 2017
标签:bad 永久 init ica pam 说明 tps roo financial
原文地址:https://www.cnblogs.com/shanghai1918/p/13051126.html
