#!/bin/bash
# 关闭SELinux
sed -i 's/enforcing$/disabled/g' /etc/selinux/config
setenforce 0
#安装关联应用
yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel
# back openssl
mv /usr/bin/openssl /usr/bin/openssl_bak && mv /usr/include/openssl /usr/include/openssl_bak
# install openssl
tar xf openssl-*.tar.* && cd openssl-*
./config shared && make && make install
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl && ln -s /usr/local/ssl/include/openssl /usr/include/openssl
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
/sbin/ldconfig
cd ..
# install openssh
tar xf openssh-*.tar.* && cd openssh-*
rm -rf /etc/ssh/*
./configure --prefix=/usr/ --sysconfdir=/etc/ssh --with-openssl-includes=/usr/local/ssl/include --with-ssl-dir=/usr/local/ssl \
--with-zlib --with-md5-passwords --with-pam && make && make install
sed -i 's/#PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config && sed -i 's/#UserPAM no/User PAM no/' /etc/ssh/sshd_config
cp -a contrib/redhat/sshd.init /etc/init.d/sshd && cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd.pam
chmod +x /etc/init.d/sshd && chkconfig --add sshd
systemctl enable sshd
mv /usr/lib/systemd/system/sshd.service /root/
num=`awk -F'.' '{print $1}' /etc/redhat-release | awk -F' ' '{print $NF}'`
if [ $num -ge 6 ]; then
/etc/init.d/sshd restart
eles
systemctl daemon-reload && systemctl restart sshd
fi
ssh -V && cd .. && rm -rf ./openss*