Redhat7.x Openssh, Openssl upgrade

Note: the production of pro-environment measure, no shots, sorting out the full command line, for reference

First, make sure to use Redhat yum source

yum under RedHat is required to register to use, all need to be replaced yum source (see separate article, redhat replacement centosyum)

A. Install zlib

1. # rpm -qa | grep zlib (see zlib is installed)

   #wget http://www.zlib.net/zlib-1.2.11.tar.gz (the latest version of zlib)

   #yum  - y  install  gcc   make(安装gcc、openssl-devel)

   #tar  -zxvf  zlib-1.2.11.tar.gz

   #cd  zlib-1.2.11/

   #./configure  --prefix=/usr/local/zlib

   #make  && make  install

II. Upgrading openssl

2.openssl version (see openssl version)

   #wget  https://ftp.openssl.org/source/openssl-1.0.2r.tar.gz

   #yum  -y  install  gcc-c++  glibc  autoconf  openssl  openssl-devel  pcre-devel  pam-devel

   #yum  -y  install  pam*  zlib*

   #mv  /usr/bin/openssl  /usr/bin/openssl_bak

   #tar  -zxvf  openssl-1.0.2r.tar.gz

   #cd  openssl-1.0.2r/

   #./config  shared  zlib

   #make  &&  make  install

   #echo $?

   #ln  -s  /usr/local/ssl/bin/openssl   /usr/bin/openssl

   #ln  -s  /usr/local/ssl/include/openssl   /usr/include/openssl

   #ll

   #ll  /usr/bin/openssl

   #ll  /usr/include/openssl  -ld

   #echo  "/usr/local/ssl/lib"  >>  /etc/ld.so.conf

   #/sbin/ldconfig

   #openssl version (see success)

III. Upgrading Openssh

1.ssh -V (View)

   #wget https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.0p1.tar.gz

   #tar  -zxvf  openssh-8.0p1/

   #chown  -R  root:root  /root/openssh-8.0p1

   #./configure  --prefix=/usr/  \

     --sysconfdir=/etc/ssh  \

     --with-openssl-includes=/usr/local/ssl/include/  \

     --with-ssl-dir=/usr/local/ssl/  \

     --with-zlib  \

     --with-md5-passwords  \

     --with-pam

   #make  && make  install

   #chmod  600  /etc/ssh/ssh_host_rsa_key

   #chmod  600  /etc/ssh/ssh_host_ecdsa_key

   #chmod  600  /etc/ssh/ssh_host_ed25519_key

   #cp  -a  contrib/redhat/sshd.init  /etc/init.d/sshd

   #cp  -a  contrib/redhat/sshd.pam  /etc/pam.d/sshd.pam

   #chmod  +x  /etc/init.d/sshd

   #chkconfig  --add  sshd  

   #systemctl enable sshd

   #mv  /usr/lib/systemd/system/sshd.service  /root/

   #systemctl daemon-reload

   #/etc/init.d/sshd restart(systemctl  restart sshd)

   #/etc/init.d/sshd status(systemctl  status  sshd)

   #vim / etc / ssh / sshd_config (last modified port configuration files, permissions, etc.)

   #systemctl  restart  sshd

   #ssh -V (upgraded to target 8.0p1,1.0.2r)