RHEL5.4下升级openSSH6.5的RPM包

How to upgrade OpenSSH on CentOS 5 openssh-upgrade-centos5 If want your server to pass the PCI DSS scan then you will need the latest version OpenSSH. But the CentOS 5 repos doesn¡¯t contain the latest version of OpenSSH. So will have to create your own rpm and install it. First of all install the rpmbuild tools # yum install rpm-build gcc make Then download the latest version from http://www.openssh.com/portable.html # wget http://mirror.aarnet.edu.au/pub/OpenBSD/OpenSSH/portable/openssh-6.5p1.tar.gz # tar zxvf openssh-6.5p1.tar.gz Copy the files to specific folders. Create the folders if they don¡¯t exist. # cp ./openssh-6.5p1/contrib/redhat/openssh.spec /usr/src/redhat/SPECS/ # cp openssh-5.8p1.tar.gz /usr/src/redhat/SOURCES/ Now disable the x11-askpas and gnome-askpass as we don¡¯t require it. Edit /usr/src/redhat/SPECS/openssh.spec and set below values # Do we want to disable building of x11-askpass? (1=yes 0=no) %define no_x11_askpass 1 # Do we want to disable building of gnome-askpass? (1=yes 0=no) %define no_gnome_askpass 1 Now build the rpm # cd /usr/src/redhat/SPECS # rpmbuild -bb openssh.spec Above commands will create the rpm in /usr/src/redhat/RPMS/ folder. Go ahead and install them # cd /usr/src/redhat/RPMS/x86_64/ # rpm -Uvh *.rpm And it¡¯s done. You can check the SSH version using command ¡°ssh -V¡±