升级openssh和ssl脚本_在线升级ssl和openssh资源-CSDN文库

版权申诉

5星 · 超过95%的资源 46 浏览量 2023-04-12 09:49:14 上传评论收藏 11.92MB GZ 举报

共9个文件

rpm：4个

sh：2个

gz：2个

资源推荐

资源详情

资源评论

收起资源包目录

openssh.tar.gz （9个子文件）

openssh

openssl-1.1.1k.tar.gz 9.37MB

openssh.sh 5KB

zlib-1.2.7-18.el7.x86_64.rpm 90KB

zlib-devel-1.2.7-18.el7.x86_64.rpm 50KB

check_point.log 2KB

openssh-8.6p1.tar.gz 1.7MB

pam-1.1.8-23.el7.x86_64.rpm 721KB

pam-devel-1.1.8-23.el7.x86_64.rpm 185KB

openssl.sh 695B

#/bin/bash #需要手动修改的变量 version="ssh_8.6p1" #定义版本号 soft_dir=$(cd "$(dirname "$0")"; pwd) # 上传安装包的目录 ssl_media="openssl-1.1.1k.tar.gz" #ssl软件包名 ssh_media="openssh-8.6p1.tar.gz" # ssh软件包名 # ssl_soft="/$soft_dir/$ssl_media" ssh_soft="/$soft_dir/$ssh_media" OS_version=$(cat /etc/redhat-release | awk '{ if(match($0,"release ")) {print substr($0,RSTART+RLENGTH)}}' | awk -F '.' '{print $1}') # #if [ -f "${ssl_soft}" -a -f "${ssh_soft}" ];then # soft_dir="/$soft_dir/$version" # 定义工作目录 #mkdir -p $soft_dir #else # echo "`date +%H:%M:%S`--install media is not exist" |tee -a $soft_dir/check_point.log #echo "`date +%H:%M:%S`--exitd" |tee -a ./check_point.log #exit; #fi #安装升级所需依赖包 function InstallDeploy(){ echo "`date +%H:%M:%S`--install the Depend on the package.." |tee -a $soft_dir/check_point.log yum -y install gcc pam-devel zlib-devel perl openssl-devel echo "`date +%H:%M:%S`--install completed " |tee -a $soft_dir/check_point.log } # function Unpack(){ echo "`date +%H:%M:%S`--Unpack the package.... " |tee -a $soft_dir/check_point.log cd $soft_dir tar xvf $ssl_soft tar xvf $ssh_soft echo "`date +%H:%M:%S`--Unpack completed " |tee -a $soft_dir/check_point.log } function Backup(){ echo "`date +%H:%M:%S`--Backup important files..." |tee -a $soft_dir/check_point.log \cp -af /usr/lib64/openssl /usr/lib64/openssl.old \cp -af /usr/bin/openssl /usr/bin/openssl.old \cp -af /usr/include/openssl /usr/include/openssl.old \cp -af /etc/pki/ca-trust/extracted/openssl /etc/pki/ca-trust/extracted/openssl.old \cp -af /usr/lib64/libcrypto.so.10 /usr/lib64/libcrypto.so.10.old \cp -af /usr/lib64/libssl.so.10 /usr/lib64/libssl.so.10.old \mv /usr/bin/openssl /usr/bin/openssl.bak \mv /usr/include/openssl /usr/include/openssl.bak \cp -arf /etc/ssh/ /etc/ssh_`date +%F` echo "`date +%H:%M:%S`--Backup completed " |tee -a $soft_dir/check_point.log } function Installopenssl(){ echo "`date +%H:%M:%S`--Installopenssl...." |tee -a $soft_dir/check_point.log cd $soft_dir/openssl*/ echo "`date +%H:%M:%S`--start to install openssl........." |tee -a $soft_dir/check_point.log ./config --prefix=/usr/local --openssldir=/usr/local/openssl shared zlib make depend make && make install # 加载动态库 ln -s /usr/local/bin/openssl /usr/bin/openssl ln -s /usr/local/include/openssl /usr/include/openssl echo "/usr/local/lib64/" >> /etc/ld.so.conf echo "/usr/local/lib" >> /etc/ld.so.conf ldconfig ln -s /usr/local/lib/libssl.so.1.1 /usr/lib/ ln -s /usr/local/lib/libcrypto.so.1.1 /usr/lib/ openssl version -a echo "`date +%H:%M:%S`--openssl upgrade complete..." |tee -a $soft_dir/check_point.log echo "`date +%H:%M:%S`--version: `openssl version`" |tee -a $soft_dir/check_point.log echo "`date +%H:%M:%S`--Installopenssl completed " |tee -a $soft_dir/check_point.log } function Installopenssh(){ echo "`date +%H:%M:%S`--Installopenssh...." |tee -a $soft_dir/check_point.log cd $soft_dir/openssh*/ echo "`date +%H:%M:%S`--start to install openssh..." |tee -a $soft_dir/check_point.log ./configure \ --prefix=/usr \ --sysconfdir=/etc/ssh \ --with-md5-passwords \ --with-pam \ --with-tcp-wrappers \ --with-ssl-dir=/usr/local/openssl \ --with-zlib=/usr/local/lib64 \ --without-hardening make && chmod 600 /etc/ssh/* make install && echo "`date +%H:%M:%S`--Installopenssh completed " |tee -a $soft_dir/check_point.log } function Configssh(){ echo "`date +%H:%M:%S`--Config ssh...." |tee -a $soft_dir/check_point.log cd $soft_dir/openssh*/ if test -e /usr/lib/systemd/system/sshd.service then mv /usr/lib/systemd/system/sshd.service /usr/lib/systemd/system/sshd.service_bk fi #mv /usr/lib/systemd/system/sshd.service /usr/lib/systemd/system/sshd.service_bk cp contrib/redhat/sshd.init /etc/init.d/sshd chmod a+x /etc/init.d/sshd cp contrib/redhat/sshd.pam /etc/pam.d/sshd.pam chkconfig --add sshd chkconfig sshd on if [ "a$OS_version" == "a7" ] then systemctl enable sshd fi echo "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1" >> /etc/ssh/sshd_config #sed -i 's/PermitRootLogin/#&/' /etc/ssh/sshd_config #echo "PermitRootLogin no" >> /etc/ssh/sshd_config sed -i 's/GSSAPICleanupCredentials no/#&/' /etc/ssh/sshd_config sed -i 's/GSSAPIAuthentication yes/#&/' /etc/ssh/sshd_config chmod 600 /etc/ssh/* echo "`date +%H:%M:%S`--Config ssh...." |tee -a ./check_point.log echo "`date +%H:%M:%S`--Restart ssh service...." |tee -a $soft_dir/check_point.log if [ "a$OS_version" == "a7" ] then systemctl restart sshd else service sshd restart fi echo "`date +%H:%M:%S`--Restart ssh completed " |tee -a $soft_dir/check_point.log } function start(){ #InstallDeploy Unpack Backup Installopenssl Installopenssh Configssh openssl version -a ssh -V } start

评论收藏

内容反馈

版权申诉