First, install the telnet-server service (recommended installation)
1, to see whether the system has been installed telnet-server, linux system has been installed on the default telnet-client (or telnet), and telnet-server needs to be installed manually.
rpm -qa | grep telnet
telnet-0.17-39.el5
telnet-server-0.17-39.el5
2, if not installed telnet-server, telnet-server need to install
yum install telnet-server
3, edit /etc/xinetd.d/telnet, which will disable = yes is yes to no.
4, activate xinetd service
service xinetd restart
or:
/etc/rc.d/init.d/xinetd restart
Second, download the required system upgrade package
1, telnet-server download package (installation recommended yum)
wget http://202.107.70.26/cdkey/telnet-server-1.2-134.22.x86_64.rpm
2, download openssh package
wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.5p1.tar.gz
3, download zlib package
wget https://sourceforge.net/projects/libpng/files/zlib/1.2.8/zlib-1.2.8.tar.gz --no-check-certificate
wget http://202.107.70.26/cdkey/zlib-1.2.8.tar.gz
4, download openssl package (recommended download high version)
wget https://www.openssl.org/source/openssl-1.1.0h.tar.gz --no-check-certificate
wget
http://www.openssl.org/source/openssl-1.0.1h.tar.gz
wget https://ftp.openssl.org/source/old/1.0.2/openssl-1.0.2h.tar.gz --no-check-certificate
wget
https://www.openssl.org/source/openssl-1.0.2o.tar.gz
--no-check-certificate
5, Download openssl-fips (recommended download high version)
wget
http://www.openssl.org/source/openssl-fips-2.0.5.tar.gz
wget
https://www.openssl.org/source/openssl-fips-2.0.16.tar.gz
--no-check-certificate
Third, the upgrade version openssl
1, compile and install zlib-1.2.8.tar.gz
tar zxvf zlib-1.2.8.tar.gz
cd zlib-1.2.8
./configure
make && make install
2, compiled and installed openssl-fips-2.0.16.tar.gz
tar -zxvf
openssl-fips-2.0.16.tar.gz
cd openssl-fips-2.0.16
./config
make && make install
3, compile and install openssl-1.0.2o.tar.gz
tar -zxvf
openssl-1.0.2o.tar.gz
cd
openssl-1.0.2o
./config fips --shared
make && make install
4, backup Older openssl
mkdir -p /opt/openssl_old
mv /usr/bin/openssl /opt/openssl_old/
5. Replace the new version of openssl
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ll /usr/bin/openssl
lrwxrwxrwx 1 root root 26 Jun 30 20:55 /usr/bin/openssl -> /usr/local/ssl/bin/openssl
6, after the OpenSSL version checking for updates
Note: While the upgrade OpenSSL, but use rpm -q openssl view version or older version (only because rpm rpm package management), so still want to see the openssl version openssl version -a command prevail.
openssl version
openssl version -a
Fourth, the upgrade version of openssh
1, compile and install openssh-7.5p1.tar.gz
tar -zxvf openssh-7.5p1.tar.gz
cd openssh-7.5p1/
./configure
make
make install
2, the copy startup script sshd start script, the contrib / directory system corresponding to
cd /usr/local/src/openssh-7.1p1/contrib/
ls
Makefile aix findssl.sh gnome-ssh-askpass2.c redhat ssh-copy-id sshd.pam.freebsd suse
README cygwin gnome-ssh-askpass1.c hpux solaris ssh-copy-id.1 sshd.pam.generic
cp suse/rc.sshd /etc/init.d/sshd
chmod 755 /etc/init.d/sshd
3, set the boot
chkconfig --add sshd
sshd 0:off 1:off 2:off 3:on 4:off 5:on 6:off
chkconfig sshd on
4, modify the startup file and restart
/etc/init.d/sshd vi
, modify
SSHD=/usr/sbin/sshd 为 SSHD=/usr/local/sbin/sshd
OpenSSH 7 the default version does not allow root login, you need to modify PermitRootLogin, PasswordAuthentication to allow
/etc/init.d/sshd restart
5, telnet 127.0.0.1 22 according to verify the success of Echo to see
6. Replace command
mv /usr/bin/ssh /usr/bin/ssh_bak
mv /usr/local/bin/ssh /usr/bin/ssh
7. Review upgraded version
ssh -V
Fifth, turn off telnet-server service
1, edit /etc/xinetd.d/telnet, will be one of = disable
no of no change yes.
2, activate xinetd service
service xinetd stop
or:
/etc/rc.d/init.d/xinetd stop