升级前版本:
root@ecs-m2eqyb:/opt# ll
total 20912
drwxr-xr-x 2 root root 4096 May 10 16:23 ./
drwxr-xr-x 24 root root 4096 May 10 14:38 ../
-rw-r--r-- 1 root root 1848766 May 10 16:23 openssh-9.7p1.tar.gz
-rw-r--r-- 1 root root 18038030 May 10 16:23 openssl-3.3.0.tar.gz
-rw-r--r-- 1 root root 1512791 May 10 16:23 zlib-1.3.1.tar.gz
1、编译安装zlib
root@ecs-m2eqyb:/opt# tar xf zlib-1.3.1.tar.gz
root@ecs-m2eqyb:/opt# cd zlib-1.3.1/
root@ecs-m2eqyb:/opt/zlib-1.3.1# ./configure
root@ecs-m2eqyb:/opt/zlib-1.3.1# make
root@ecs-m2eqyb:/opt/zlib-1.3.1# make install
2、编译安装openssl
root@ecs-m2eqyb:/opt# tar -xf openssl-3.3.0.tar.gz
root@ecs-m2eqyb:/opt# cd openssl-3.3.0/
root@ecs-m2eqyb:/opt/openssl-3.3.0# ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl --shared zlib
# 这里需要编译很久
root@ecs-m2eqyb:/opt/openssl-3.3.0# make
root@ecs-m2eqyb:/opt/openssl-3.3.0# make install
连接丢失的连接
ldconfig /usr/local/lib64/
ln -s /usr/local/ssl/lib64/libcrypto.so.3 /usr/lib/libcrypto.so.3
ln -s /usr/local/ssl/lib64/libssl.so.3 /usr/lib/libssl.so.3
# 原来的 openssl 不会自动替换
mv /usr/bin/openssl /usr/bin/openssl_1.1.1
cp /usr/local/ssl/bin/openssl /usr/bin/openssl
3、 编译安装 openssh-server
root@ecs-m2eqyb:/opt# tar xvf openssh-9.7p1.tar.gz
root@ecs-m2eqyb:/opt# cd openssh-9.7p1/
./configure --with-zlib --without-openssl-header-check --with-ssl-dir=/usr/local/ssl
make
make install
#原来的 ssh 不会自动替换
mv /usr/bin/ssh /usr/bin/ssh_7.6p1
cp /usr/local/bin/ssh /usr/bin/ssh
mv /usr/sbin/sshd /usr/sbin/sshd_9.0p1
cp /usr/local/sbin/sshd /usr/sbin/sshd
重新启动 openssh-server :
sudo systemctl restart sshd
验证:
openssl version
ssh -V
sshd -V