备份pam.d/sshd文件:
cp /etc/pam.d/sshd /etc/pam.d/sshdbak
安装前,可以多开几个ssh窗口,也可以开启telnet服务,防止意外中断无法访问服务器
rpm -e openssh --nodeps
rpm -e openssh-server --nodeps
rpm -e openssh-clients --nodeps
rpm -e openssh-askpass --nodeps
安装新版本
rpm -ivh openssh-9.2p1-1.el6.x86_64.rpm
rpm -ivh openssh-clients-9.2p1-1.el6.x86_64.rpm
rpm -ivh openssh-server-9.2p1-1.el6.x86_64.rpm
rpm -ivh openssh-askpass-9.2p1-1.el6.x86_64.rpm
完成安装后:
恢复 /etc/pam.d/sshd文件
cat /etc/pam.d/sshdbak > /etc/pam.d/sshd
vi /etc/ssh/sshd_config
PermitRootLogin yes
或者:
sed -i 's|#PermitRootLogin prohibit-password|PermitRootLogin yes|g' /etc/ssh/sshd_config
sed -i 's|#UsePAM no|UsePAM yes|g' /etc/ssh/sshd_config
sed -i 's|#UseDNS yes|UseDNS no|g' /etc/ssh/sshd_config
sed -i 's|#MaxStartups 10:30:100|MaxStartups 1000:30:3000|g' /etc/ssh/sshd_config
//sed -i -r 's/^(.*pam_nologin.so)/#\1/' /etc/pam.d/sshd
#UseLogin no ,该参数不能设成yes
UsePAM yes ,该参数需要设成yes,不然ssh登陆后,ulimit设置不会生效
//然后:(不需要)
//rm -f /etc/ssh/ssh_host_ecdsa_key
//rm -f /etc/ssh/ssh_host_ed25519_key
//ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
//ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ""
//ssh-keygen -t rsa -f /etc/ssh/ssh_host_ecdsa_key -N ""
//ssh-keygen -t rsa -f /etc/ssh/ssh_host_ed25519_key -N ""
对于java客户端程序访问ssh server,升级新版本ssh后,会导致无法ssh,需要在/etc/ssh/sshd_config末尾添加配置(8.2版本开始必须添加):
cat >> /etc/ssh/sshd_config <<EOF
Ciphers 3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
MACs hmac-sha1,hmac-sha1-96,hmac-sha2-256,hmac-sha2-512,hmac-md5,hmac-md5-96,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-md5-etm@openssh.com,hmac-md5-96-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com
KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,curve25519-sha256,curve25519-sha256@libssh.org,sntrup761x25519-sha512@openssh.com
EOF
启动sshd服务:
service sshd start
查看支持的算法:
ssh -Q cipher
ssh -Q mac
ssh -Q kex
对于ssh连接有些网络设备:
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oCiphers=+aes256-cbc admin@x.x.x.x
方法一
使用-o选项增加选项(man ssh查看)
ssh -o KexAlgorithms=+diffie-hellman-group-exchange-sha1 -o HostKeyAlgorithms=+ssh-rsa username@hostname
方法二
在~/.ssh目录的下的config文件(文件不存在自行创建)中添加如下代码:
Host *
KexAlgorithms +diffie-hellman-group-exchange-sha1
HostKeyAlgorithms +ssh-rsa
————————————————
版权声明:本文为CSDN博主「MEZDE」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/qq_45924087/article/details/124494729
openssh 9.2p1 for redhat el 6.9.zip
需积分: 5 30 浏览量
2023-02-13
16:56:42
上传
评论
收藏 1.93MB ZIP 举报
openssh 9.2p1 for redhat el 6.9.zip (6个子文件) 
openssh-server-9.2p1-1.el6.x86_64.rpm 477KB openssh-clients-9.2p1-1.el6.x86_64.rpm 744KB openssh-askpass-9.2p1-1.el6.x86_64.rpm 42KB
INSTALL.txt 3KB openssh-9.2p1-1.el6.x86_64.rpm 752KB openssh-askpass-gnome-9.2p1-1.el6.x86_64.rpm 24KB资源评论
