编译升级openssh到新版本

TOC

编译安装openssh-9.8p1版本

★安装之前的准备工作★

openssh下载地址：https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz
安装依赖包：

apt install libssl-dev -y

源码安装的原因

使用apt的upgrade会发现最新版本是8.9的版本了，所以我们要更新到更新的版本就需要下载源码包编译安装。

root@test:~# apt upgrade -y openssh-client openssh-server
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
openssh-client is already the newest version (1:8.9p1-3ubuntu0.10).
openssh-server is already the newest version (1:8.9p1-3ubuntu0.10).
Calculating upgrade... Done
......
0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.

1.备份原来的ssh

mkdir -p /usr/local/ssh_bak
# 备份命令
cp -arpf /usr/bin/scp /usr/local/ssh_bak
cp -arpf /usr/bin/sftp /usr/local/ssh_bak
cp -arpf /usr/bin/ssh /usr/local/ssh_bak
cp -arpf /usr/bin/ssh-add /usr/local/ssh_bak
cp -arpf /usr/bin/ssh-agent /usr/local/ssh_bak
cp -arpf /usr/bin/ssh-keygen /usr/local/ssh_bak
cp -arpf /usr/bin/ssh-keyscan /usr/local/ssh_bak
cp -arpf /usr/sbin/sshd /usr/local/ssh_bak
# 备份配置目录
cp -arpf /etc/ssh /usr/local/ssh_bak

2.下载安装openssh

wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz
tar zxf openssh-9.8p1.tar.gz
cd openssh-9.8p1
./configure --prefix=$install_dir --sysconfdir=/etc/ssh && make && make install
cp -arpf $install_dir/bin/* /usr/bin/
cp -arpf $install_dir/sbin/* /usr/sbin/

3.重新加载启动服务

systemctl daemon-reload
systemctl enable ssh --now
systemctl restart ssh

验证阶段

查看ssh和sshd版本

root@test:~# ssh -V
OpenSSH_9.8p1, OpenSSL 3.0.2 15 Mar 2022
root@test:~# sshd -V
OpenSSH_9.8p1, OpenSSL 3.0.2 15 Mar 2022

查看服务状态

root@test:~# systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
     Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-07-03 10:52:57 CST; 1h 2min ago
       Docs: man:sshd(8)
             man:sshd_config(5)
    Process: 2698680 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
   Main PID: 2698681 (sshd)
      Tasks: 1 (limit: 9432)
     Memory: 1.6M
        CPU: 17ms
     CGroup: /system.slice/ssh.service
             └─2698681 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"

Jul 03 10:52:57 test systemd[1]: Starting OpenBSD Secure Shell server...
Jul 03 10:52:57 test sshd[2698681]: Server listening on 0.0.0.0 port 1022.
Jul 03 10:52:57 test sshd[2698681]: Server listening on :: port 22.
Jul 03 10:52:57 test systemd[1]: Started OpenBSD Secure Shell server.