colben/www.colben.cn
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
colben
2026-04-13 19:53:12 +08:00
parent ee2b1accab
commit 2a04f3e5cf
1 changed files with 22 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
content/post/openssh-upgrade.md
View File

@@ -11,8 +11,22 @@ categories: ["os"]
- [openssh 源码包](https://www.openssh.com/portable.html) - [openssh 源码包](https://www.openssh.com/portable.html)
- [openssl 源码包](https://www.openssl.org/source/) - [openssl 源码包](https://www.openssl.org/source/)
## 不带 openssl(不推荐) ## 编译 openssl
### 编译 openssh - 下载 openssl 源码包,解压
```bash
curl -LO https://github.com/openssl/openssl/releases/download/openssl-3.5.6/openssl-3.5.6.tar.gz
tar zxf openssl-3.5.6.tar.gz
cd openssl-3.5.6
```
- 编译安装 openssl
```bash
./Configure --prefix=/opt/openssl
make
make install
```
## 编译 openssh
- 下载 openssh 源码包,解压 - 下载 openssh 源码包,解压
```bash ```bash
curl -LO https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-10.3p1.tar.gz curl -LO https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-10.3p1.tar.gz
@@ -23,7 +37,10 @@ categories: ["os"]
- 编译安装 openssh - 编译安装 openssh
```bash ```bash
./configure --prefix=/opt/openssh --without-openssl mkdir /opt/openssh
export PATH=/opt/openssl/bin:$PATH
export LD_LIBRARY_PATH=/opt/openssl/lib64
./configure --prefix=/opt/openssh --with-ssl-dir=/opt/openssl
make make
make install make install
``` ```
@@ -59,63 +76,7 @@ categories: ["os"]
PidFile /var/run/openssh.pid PidFile /var/run/openssh.pid
``` ```
### 创建 systemd 启动文件 ## 创建 systemd 启动文件
- 创建 /opt/openssh/openssh.service内容如下
```
[Unit]
Description=OpenSSH server daemon
After=network.target sshd-keygen.service
Wants=sshd-keygen.service
[Service]
Type=simple
ExecStart=/opt/openssh/sbin/sshd -D
KillMode=process
Restart=on-failure
RestartSec=42s
[Install]
WantedBy=multi-user.target
```
### 打包
- 进入 /opt 目录下,打包 openssh 目录
```
cd /opt
tar zcf /tmp/openssh-9.8p1-without-openssl.tgz openssh/
```
## 带 openssl
### 编译 openssl
- 下载 openssl 源码包,解压
```bash
curl -LO https://github.com/openssl/openssl/releases/download/openssl-3.5.6/openssl-3.5.6.tar.gz
tar zxf openssl-3.5.6.tar.gz
cd openssl-3.5.6
```
- 编译安装 openssl
```bash
./Configure --prefix=/opt/openssl
make
make install
```
### 编译 openssh
- 下载 openssh 源码包,解压,同上
- 编译安装 openssh
```bash
mkdir /opt/openssh
export PATH=/opt/openssl/bin:$PATH
export LD_LIBRARY_PATH=/opt/openssl/lib64
./configure --prefix=/opt/openssh --with-ssl-dir=/opt/openssl
make
make install
```
- 编辑 /opt/openssh/etc/sshd_config修改常用配置同上
### 创建 systemd 启动文件
- 创建 /opt/openssh/openssh.service内容如下 - 创建 /opt/openssh/openssh.service内容如下
``` ```
[Unit] [Unit]
@@ -135,7 +96,7 @@ categories: ["os"]
WantedBy=multi-user.target WantedBy=multi-user.target
``` ```
### 打包 ## 打包
- 进入 /opt 目录下,打包 openssl 和 openssh 目录 - 进入 /opt 目录下,打包 openssl 和 openssh 目录
```bash ```bash
cd /opt cd /opt