CentOS中如何使用OpenSSL编译安装OpenSSH?本篇文章为大家分享一下CentOS下使用OpenSSL编译安装OpenSSH具体方法,有需要的小伙伴可以参考一下。
检测已安装的包
# rpm -qa | grep openssh openssh# rpm -qa | grep openssh openssl卸载用rpm -e 如果出现依赖包导致无法卸载,在最后面加上–nodeps即可,例:
# rpm -e openssl --nodeps具体安装过程如下:
下载最新软件包源码
http://ftp5.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.3p1.tar.gz
http://www.openssl.org/source/openssl-1.0.2j.tar.gz
http://www.openssl.org/source/openssl-fips-2.0.13.tar.gz
使用YUM安装必要的软件开发包
# yum install -y zlib-devel pam-devel tcp_wrappers-devel安装openssl-fips
具体说明见 http://www.openssl.org/docs/fips ;
# tar zxpf openssl-fips-2.0.5.tar.gz# cd openssl-fips# ./config# make && make install安装OpenSSL
# tar zxpf openssl-1.0.1h.tar.gz# cd openssl-1.0.1h# ./config fips --shared# make && make install将新编译的openssl library 加入系统动态库链接中
# echo "/usr/local/ssl/lib" >> /etc/ld.so.conf# ldconfig安装OpenSSH
# tar zxpf openssh-6.6p1.tar.gz# cd openssh-6.6p1# ./configure \
--prefix=/usr \
--sysconfdir=/etc/ssh \
--with-md5-passwords \
--with-pam \
--with-tcp-wrappers \
--with-ssl-dir=/usr/local/ssl
# make && make install# ssh -V修改相关配置
# cp -p contrib/redhat/sshd.init /etc/init.d/sshd (此处的contrib路径为解压后的OpenSSH包路径)# chmod u+x /etc/init.d/sshd (加执行权限)# chkconfig --add sshd (增加sshd服务)# chkconfig sshd on (把sshd加入启动项)# yum install openssh (安装OpenSSH客户端)# vim /etc/ssh/sshd_configPermitRootLogin yes #允许root账户登录,单root账户必须加上,其他的参数请自行修改测试登录
# /etc/init.d/sshd start
ssh-keygen: illegal option -- A
Usage: ssh-keygen [options]
Options:
-a trials Number of trials for screening DH-GEX moduli.
-B Show bubblebabble digest of key file.
-b bits Number of bits in the key to create.
-C comment Provide new comment.
-c Change comment in private and public key files.
-e Convert OpenSSH to IETF SECSH key file.
-F hostname Find hostname in known hosts file.
-f filename Filename of the key file.
-G file Generate candidates for DH-GEX moduli.
-g Use generic DNS resource record format.
-H Hash names in known_hosts file.
-i Convert IETF SECSH to OpenSSH key file.
-l Show fingerprint of key file.
-M memory Amount of memory (MB) to use for generating DH-GEX moduli.
-N phrase Provide new passphrase.
-P phrase Provide old passphrase.
-p Change passphrase of private key file.
-q Quiet.
-R hostname Remove host from known_hosts file.
-r hostname Print DNS resource record.
-S start Start point (hex) for generating DH-GEX moduli.
-T file Screen candidates for DH-GEX moduli.
-t type Specify type of key to create.
-v Verbose.
-W gen Generator to use for generating DH-GEX moduli.
-y Read private key file and print public key.
Starting sshd: [ OK ]
sshd文件的ssh-keygen参数有问题,暂时不知道怎么解决,但是不影响使用。
文章来源网络,作者:运维,如若转载,请注明出处:https://shuyeidc.com/wp/198997.html<
