1、yum安装编译依赖的组件

yum install -y rpm-build gcc gcc-c++ glibc glibc-devel openssl-devel openssl pcre-devel zlib zlib-devel make wget krb5-devel pam-devel libX11-devel  libXt-devel initscripts libXt-devel  gtk2-devel lrzsz

虚拟机配置可参考本地yum源

2、建立编译目录

mkdir -pv /root/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}

3、源码包下载并修改，迁移到到/root/rpmbuild/SOURCES

wget http://mirror.aarnet.edu.au/pub/OpenBSD/OpenSSH/portable/openssh-9.5p1.tar.gz -O /home/openssh-9.5p1.tar.gz
cd /home && tar -xf openssh-9.5p1.tar.gz &&  cd openssh-9.5p1/contrib/redhat/
cp -p sshd.pam sshd.pam.old && cp -p sshd.init sshd.init.old
cd ../../..;mv openssh-9.5p1.tar.gz openssh-9.5p1_$(date "+%Y%m%d%H%M%S").tar.gz
tar -cf openssh-9.5p1.tar.gz openssh-9.5p1/
cp openssh-9.5p1.tar.gz /root/rpmbuild/SOURCES/openssh-9.5p1.tar.gz

 4、解压spec编译文件

cd /root/rpmbuild/SOURCES/
tar -xf openssh-9.5p1.tar.gz  openssh-9.5p1/contrib/redhat/openssh.spec
mv openssh-9.5p1 /root/rpmbuild/SPECS

5、配置spec编译文件

a、不生成askpass包

cd /root/rpmbuild/SPECS/openssh-9.5p1/contrib/redhat/
sed -i -e "s/%global no_gnome_askpass 0/%global no_gnome_askpass 1/g" openssh.spec
sed -i -e "s/%global no_x11_askpass 0/%global no_x11_askpass 1/g" openssh.spec

ps：生成askpass包，需要/root/rpmbuild/SOURCES/x11-ssh-askpass-1.2.4.1.tar.gz，下载链接如下

Index of /repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz

b、解决openssl-devel < 1.1报错

sed -i '/openssl-devel < 1.1/s/^/#/' openssh.spec

6、编译openssh源码

rpmbuild -bb /root/rpmbuild/SPECS/openssh-9.5p1/contrib/redhat/openssh.spec

 编译最后无报错即编译成功

7、查看编译的RPM文件

在/root/rpmbuild/RPMS/x86_64/

 8、升级（debug文件外可以删除）

升级之前先安装xinetd，开启telnet

避免出现sshd_config中参数出现Deprecated导致重启失败

rpm -Uvh openssh-9.5p1-1.x86_64.rpm openssh-clients-9.5p1-1.x86_64.rpm openssh-server-9.5p1-1.x86_64.rpm