#!/bin/bash
#update Ubuntu12.04 : OpenSSH_7.9p1, OpenSSL 1.1.1b 26 Feb 2019
#old : OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
#20190317
#参考:
#https://blog.csdn.net/weixin_39845407/article/details/80922488
#sort url
#1. openssl-1.0.2o.tar.gz # 官方下载地址: https://www.openssl.org/source/
#2. openssh-7.7p1.tar.gz # 官方下载地址: https://fastly.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/
#3. zlib-1.2.11.tar.gz # 官方下载地址: http://www.zlib.net/
#install telnet
#保险,安装telnet
apt-get install openbsd-inetd telnetd telnet -y
/etc/init.d/openbsd-inetd restart
#install gcc make libpam0g-dev
apt-get install gcc make libpam0g-dev -y
#update zlib
cd /root/ssh_update
dpkg -i zlib_1.2.11-1_amd64.deb
#update openssl
cd /root/ssh_update
tar xf openssl-1.1.1b.tar.gz
cd openssl-1.1.1b/
./config shared zlib
make && make install
if [ $? -ne 0 ];then
echo "make openssl failed"
exit
else
echo "make openssl success"
fi
#备份原来的openssl
mv /usr/bin/openssl /usr/bin/openssl.bak
ln -s /usr/local/bin/openssl /usr/bin/openssl
echo "/usr/local/lib/" > /etc/ld.so.conf.d/openssl.conf
ldconfig
#update openssh
#备份原来的ssh配置,卸载ssh
mv /etc/init.d/ssh /etc/init.d/ssh.old
cp -r /etc/ssh/ /etc/ssh.old
apt-get remove openssh-server openssh-client -y
cd /root/ssh_update
tar xf openssh-7.9p1.tar.gz
cd openssh-7.9p1/
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-ssl-dir=/usr/local/ssl --with-privsep-path=/var/lib/sshd
make && make install
cd /etc/ssh
mv sshd_config sshd_config.default
cp ../ssh.old/sshd_config ./
mv /etc/init.d/ssh.old /etc/init.d/ssh
str=`ssh -V 2>&1`
if [[ "$str" =~ "7.9p1" ]] && [[ "$str" =~ "1.1.1b" ]]
then
echo "update ssh success"
else
echo "update ssh failed"
exit 1
fi
sleep 1s
/etc/init.d/ssh restart
sleep 5s
ps aux | grep -v grep | grep -q '/usr/sbin/sshd'
if [ $? -ne 0 ];then
/etc/init.d/ssh start
fi