文章目录
备份文件
安装依赖
编译生成rpm包
执行安装/升级
安装包分发
备份文件
务必备份!最后会用得到!
mkdir -p ~/openssh-bak
cp -ar /etc/ssh ~/openssh-bak
cp -ar /etc/pam.d ~/openssh-bak
1
2
3
mkdir -p ~/openssh-bak
cp -ar /etc/ssh ~/openssh-bak
cp -ar /etc/pam.d ~/openssh-bak
安装依赖
yum install gcc rpm-build openssl-devel pam-devel perl-macros
1
yum install gcc rpm-build openssl-devel pam-devel perl-macros
编译生成rpm包
[root@localhost ~]# mkdir -p /usr/src/redhat/{SOURCES,SPECS}
[root@localhost ~]# cd /usr/src/redhat/SOURCES/
[root@localhost ~]# wget http://ftp.riken.jp/Linux/momong ... pass-1.2.4.1.tar.gz
[root@localhost ~]# cp x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/
[root@localhost SOURCES]# wget https://cdn.openbsd.org/pub/Open ... penssh-7.9p1.tar.gz
[root@localhost SOURCES]# tar -zvxf openssh-7.9p1.tar.gz openssh-7.9p1/contrib/redhat/openssh.spec
[root@localhost SOURCES]# mv openssh-7.9p1/contrib/redhat/openssh.spec ../SPECS/
[root@localhost SOURCES]# chown sshd:sshd /usr/src/redhat/SPECS/openssh.spec
[root@localhost SOURCES]# cp /usr/src/redhat/SPECS/openssh.spec /usr/src/redhat/SPECS/openssh.spec_def
[root@localhost SOURCES]# sed -i -e "s/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
[root@localhost SOURCES]# sed -i -e "s/%define no_x11_askpass 0/%define no_x11_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
[root@localhost SOURCES]# mkdir -p ~/rpmbuild/SOURCES/
[root@localhost SOURCES]# cp /usr/src/redhat/SOURCES/openssh-7.9p1.tar.gz ~/rpmbuild/SOURCES/
[root@localhost SOURCES]# cd /usr/src/redhat/SPECS/
[root@localhost SPECS]# rpmbuild -ba openssh.spec
[root@localhost SPECS]# ll /root/rpmbuild/RPMS/x86_64/openssh-*
-rw-r--r-- 1 root root 496204 1月 17 13:31 /root/rpmbuild/RPMS/x86_64/openssh-7.9p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 548576 1月 17 13:31 /root/rpmbuild/RPMS/x86_64/openssh-clients-7.9p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 2508852 1月 17 13:31 /root/rpmbuild/RPMS/x86_64/openssh-debuginfo-7.9p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 391696 1月 17 13:31 /root/rpmbuild/RPMS/x86_64/openssh-server-7.9p1-1.el7.x86_64.rpm
参考:https://blog.csdn.net/qq_42609381/article/details/82855043
# 编译过程遇到的错误:
错误:构建依赖失败: openssl-devel < 1.1 被 openssh-7.9p1-1.el7.x86_64 需要
解决:[root@localhost SPECS]# vim openssh.spec 注释掉 BuildRequires: openssl-devel < 1.1 这一行
错误:configure: error: PAM headers not found
RPM 构建错误: /var/tmp/rpm-tmp.OB3GHI (%build) 退出状态不好
解决: yum install pam-devel
错误:坏文件:/root/rpmbuild/SOURCES/x11-ssh-askpass-1.2.4.1.tar.gz: 没有那个文件或目录
解决:
wget http://ftp.riken.jp/Linux/momong ... pass-1.2.4.1.tar.gz
cp x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
[root@localhost ~]# mkdir -p /usr/src/redhat/{SOURCES,SPECS}
[root@localhost ~]# cd /usr/src/redhat/SOURCES/
[root@localhost ~]# wget http://ftp.riken.jp/Linux/momong ... pass-1.2.4.1.tar.gz
[root@localhost ~]# cp x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/
[root@localhost SOURCES]# wget https://cdn.openbsd.org/pub/Open ... penssh-7.9p1.tar.gz
[root@localhost SOURCES]# tar -zvxf openssh-7.9p1.tar.gz openssh-7.9p1/contrib/redhat/openssh.spec
[root@localhost SOURCES]# mv openssh-7.9p1/contrib/redhat/openssh.spec ../SPECS/
[root@localhost SOURCES]# chown sshd:sshd /usr/src/redhat/SPECS/openssh.spec
[root@localhost SOURCES]# cp /usr/src/redhat/SPECS/openssh.spec /usr/src/redhat/SPECS/openssh.spec_def
[root@localhost SOURCES]# sed -i -e "s/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
[root@localhost SOURCES]# sed -i -e "s/%define no_x11_askpass 0/%define no_x11_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
[root@localhost SOURCES]# mkdir -p ~/rpmbuild/SOURCES/
[root@localhost SOURCES]# cp /usr/src/redhat/SOURCES/openssh-7.9p1.tar.gz ~/rpmbuild/SOURCES/
[root@localhost SOURCES]# cd /usr/src/redhat/SPECS/
[root@localhost SPECS]# rpmbuild -ba openssh.spec
[root@localhost SPECS]# ll /root/rpmbuild/RPMS/x86_64/openssh-*
-rw-r--r-- 1 root root 496204 1月 17 13:31 /root/rpmbuild/RPMS/x86_64/openssh-7.9p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 548576 1月 17 13:31 /root/rpmbuild/RPMS/x86_64/openssh-clients-7.9p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 2508852 1月 17 13:31 /root/rpmbuild/RPMS/x86_64/openssh-debuginfo-7.9p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 391696 1月 17 13:31 /root/rpmbuild/RPMS/x86_64/openssh-server-7.9p1-1.el7.x86_64.rpm
参考:https://blog.csdn.net/qq_42609381/article/details/82855043
# 编译过程遇到的错误:
错误:构建依赖失败: openssl-devel < 1.1 被 openssh-7.9p1-1.el7.x86_64 需要
解决:[root@localhost SPECS]# vim openssh.spec 注释掉 BuildRequires: openssl-devel < 1.1 这一行
错误:configure: error: PAM headers not found
RPM 构建错误: /var/tmp/rpm-tmp.OB3GHI (%build) 退出状态不好
解决: yum install pam-devel
错误:坏文件:/root/rpmbuild/SOURCES/x11-ssh-askpass-1.2.4.1.tar.gz: 没有那个文件或目录
解决:
wget http://ftp.riken.jp/Linux/momong ... pass-1.2.4.1.tar.gz
cp x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/
以上操作可以保存为bash文件执行:
!#/bin/bash
mkdir -p /usr/src/redhat/{SOURCES,SPECS}
cd /usr/src/redhat/SOURCES/
wget http://ftp.riken.jp/Linux/momong ... pass-1.2.4.1.tar.gz
cp x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/
wget https://cdn.openbsd.org/pub/Open ... penssh-7.9p1.tar.gz
tar -zvxf openssh-7.9p1.tar.gz openssh-7.9p1/contrib/redhat/openssh.spec
mv openssh-7.9p1/contrib/redhat/openssh.spec ../SPECS/
chown sshd:sshd /usr/src/redhat/SPECS/openssh.spec
cp /usr/src/redhat/SPECS/openssh.spec /usr/src/redhat/SPECS/openssh.spec_def
sed -i -e "s/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
sed -i -e "s/%define no_x11_askpass 0/%define no_x11_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
mkdir -p ~/rpmbuild/SOURCES/
cp /usr/src/redhat/SOURCES/openssh-7.9p1.tar.gz ~/rpmbuild/SOURCES/
cd /usr/src/redhat/SPECS/
rpmbuild -ba openssh.spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
!#/bin/bash
mkdir -p /usr/src/redhat/{SOURCES,SPECS}
cd /usr/src/redhat/SOURCES/
wget http://ftp.riken.jp/Linux/momong ... pass-1.2.4.1.tar.gz
cp x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/
wget https://cdn.openbsd.org/pub/Open ... penssh-7.9p1.tar.gz
tar -zvxf openssh-7.9p1.tar.gz openssh-7.9p1/contrib/redhat/openssh.spec
mv openssh-7.9p1/contrib/redhat/openssh.spec ../SPECS/
chown sshd:sshd /usr/src/redhat/SPECS/openssh.spec
cp /usr/src/redhat/SPECS/openssh.spec /usr/src/redhat/SPECS/openssh.spec_def
sed -i -e "s/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
sed -i -e "s/%define no_x11_askpass 0/%define no_x11_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
mkdir -p ~/rpmbuild/SOURCES/
cp /usr/src/redhat/SOURCES/openssh-7.9p1.tar.gz ~/rpmbuild/SOURCES/
cd /usr/src/redhat/SPECS/
rpmbuild -ba openssh.spec
执行安装/升级
卸载当前版本的openssh
rpm -e `rpm -qa |grep openssh`
如果有依赖:
rpm -e `rpm -qa |grep openssh` --nodeps
1
2
3
rpm -e `rpm -qa |grep openssh`
如果有依赖:
rpm -e `rpm -qa |grep openssh` --nodeps
删除/etc/ssh/下所有文件(注意检查是否备份)
rm -rf /etc/ssh/*
1
rm -rf /etc/ssh/*
rpm安装openssh7.9p1
cd /root/rpmbuild/RPMS/x86_64/
rpm -iv --force --nodeps *.rpm
1
2
cd /root/rpmbuild/RPMS/x86_64/
rpm -iv --force --nodeps *.rpm
配置服务
设置开机启动:
chkconfig sshd on
编辑ssh配置文件:
vim /etc/ssh/sshd_config
配置:
UsePAM yes
如果要允许root用户ssh登录需要配置:PermitRootLogin yes
服务重启
service sshd restart
验证连接和版本
ssh -V
1
2
3
4
5
6
7
8
9
10
11
12
13
14
设置开机启动:
chkconfig sshd on
编辑ssh配置文件:
vim /etc/ssh/sshd_config
配置:
UsePAM yes
如果要允许root用户ssh登录需要配置:PermitRootLogin yes
服务重启
service sshd restart
验证连接和版本
ssh -V
由于升级后sshd会修改 /etc/pam.d/sshd 文件,用户将无法登录,报以下错误:
PAM unable to dlopen(/lib64/security/pam_stack.so): /lib64/security/pam_stack.so: cannot open shared object file: No such file or directory
PAM adding faulty module: /lib64/security/pam_stack.so
1
2
PAM unable to dlopen(/lib64/security/pam_stack.so): /lib64/security/pam_stack.so: cannot open shared object file: No such file or directory
PAM adding faulty module: /lib64/security/pam_stack.so
解决办法是需要将之前备份的该文件还原回去。
安装包分发
rpm包编译生成好了之后可以分发到其他的服务器上,执行以下指令打包即可,此外也可以通过scp指令进行分发。
cd /root/rpmbuild/RPMS/x86_64/
zip openssh.zip *
1
2
cd /root/rpmbuild/RPMS/x86_64/
zip openssh.zip *
参考连接:
https://www.cnblogs.com/liao-lin/p/10286722.html
https://johng.cn/install-openssh7-9p1-in-centos7/
|