How to upgrade OpenSSH on CentOS 5
openssh-upgrade-centos5
If want your server to pass the PCI DSS scan then you will need the latest version OpenSSH. But the CentOS 5 repos doesn¡¯t contain the latest version of OpenSSH. So will have to create your own rpm and install it.
First of all install the rpmbuild tools
# yum install rpm-build gcc make
Then download the latest version from http://www.openssh.com/portable.html
# wget http://mirror.aarnet.edu.au/pub/OpenBSD/OpenSSH/portable/openssh-6.5p1.tar.gz
# tar zxvf openssh-6.5p1.tar.gz
Copy the files to specific folders. Create the folders if they don¡¯t exist.
# cp ./openssh-6.5p1/contrib/redhat/openssh.spec /usr/src/redhat/SPECS/
# cp openssh-5.8p1.tar.gz /usr/src/redhat/SOURCES/
Now disable the x11-askpas and gnome-askpass as we don¡¯t require it. Edit /usr/src/redhat/SPECS/openssh.spec and set below values
# Do we want to disable building of x11-askpass? (1=yes 0=no)
%define no_x11_askpass 1
# Do we want to disable building of gnome-askpass? (1=yes 0=no)
%define no_gnome_askpass 1
Now build the rpm
# cd /usr/src/redhat/SPECS
# rpmbuild -bb openssh.spec
Above commands will create the rpm in /usr/src/redhat/RPMS/ folder. Go ahead and install them
# cd /usr/src/redhat/RPMS/x86_64/
# rpm -Uvh *.rpm
And it¡¯s done. You can check the SSH version using command ¡°ssh -V¡±
- 1
- 2
前往页