update

content/post/openssh-upgrade.md

@@ -11,8 +11,22 @@ categories: ["os"]
 - [openssh 源码包](https://www.openssh.com/portable.html)
 - [openssl 源码包](https://www.openssl.org/source/)
 
-## 不带 openssl（不推荐）
-### 编译 openssh
+## 编译 openssl
+- 下载 openssl 源码包，解压
+    ```bash
+    curl -LO https://github.com/openssl/openssl/releases/download/openssl-3.5.6/openssl-3.5.6.tar.gz
+    tar zxf openssl-3.5.6.tar.gz
+    cd openssl-3.5.6
+    ```
+
+- 编译安装 openssl
+    ```bash
+    ./Configure --prefix=/opt/openssl 
+    make
+    make install
+    ```
+
+## 编译 openssh
 - 下载 openssh 源码包，解压
     ```bash
     curl -LO https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-10.3p1.tar.gz
@@ -23,7 +37,10 @@ categories: ["os"]
 
 - 编译安装 openssh
     ```bash
-    ./configure --prefix=/opt/openssh --without-openssl
+    mkdir /opt/openssh
+    export PATH=/opt/openssl/bin:$PATH
+    export LD_LIBRARY_PATH=/opt/openssl/lib64
+    ./configure --prefix=/opt/openssh --with-ssl-dir=/opt/openssl
     make
     make install
     ```
@@ -59,63 +76,7 @@ categories: ["os"]
     PidFile /var/run/openssh.pid
     ```
 
-### 创建 systemd 启动文件
-- 创建 /opt/openssh/openssh.service，内容如下
-    ```
-    [Unit]
-    Description=OpenSSH server daemon
-    After=network.target sshd-keygen.service
-    Wants=sshd-keygen.service
-
-    [Service]
-    Type=simple
-    ExecStart=/opt/openssh/sbin/sshd -D
-    KillMode=process
-    Restart=on-failure
-    RestartSec=42s
-
-    [Install]
-    WantedBy=multi-user.target
-    ```
-
-### 打包
-- 进入 /opt 目录下，打包 openssh 目录
-    ```
-    cd /opt
-    tar zcf /tmp/openssh-9.8p1-without-openssl.tgz openssh/
-    ```
-
-## 带 openssl
-### 编译 openssl
-- 下载 openssl 源码包，解压
-    ```bash
-    curl -LO https://github.com/openssl/openssl/releases/download/openssl-3.5.6/openssl-3.5.6.tar.gz
-    tar zxf openssl-3.5.6.tar.gz
-    cd openssl-3.5.6
-    ```
-
-- 编译安装 openssl
-    ```bash
-    ./Configure --prefix=/opt/openssl 
-    make
-    make install
-    ```
-
-### 编译 openssh
-- 下载 openssh 源码包，解压，同上
-- 编译安装 openssh
-    ```bash
-    mkdir /opt/openssh
-    export PATH=/opt/openssl/bin:$PATH
-    export LD_LIBRARY_PATH=/opt/openssl/lib64
-    ./configure --prefix=/opt/openssh --with-ssl-dir=/opt/openssl
-    make
-    make install
-    ```
-
-- 编辑 /opt/openssh/etc/sshd_config，修改常用配置，同上
-
-### 创建 systemd 启动文件
+## 创建 systemd 启动文件
 - 创建 /opt/openssh/openssh.service，内容如下
     ```
     [Unit]
@@ -135,7 +96,7 @@ categories: ["os"]
     WantedBy=multi-user.target
     ```
 
-### 打包
+## 打包
 - 进入 /opt 目录下，打包 openssl 和 openssh 目录
     ```bash
     cd /opt