一、备份ssh配置文件

cd /etc/ssh/

cp sshd_config sshd_config_bak2024312

二、解压压缩包

tar -xvzf openssh-9.8p1.tar.gz

三、检测当前安装包

rpm -qa|grep openssh

openssh-clients-7.4p1-21.el7.x86_64

openssh-server-7.4p1-21.el7.x86_64

openssh-7.4p1-21.el7.x86_64

四、升级openssh

rpm -Uvh --nodeps openssh-9.8p1-3.el7.x86_64.rpm openssh-clients-9.8p1-3.el7.x86_64.rpm openssh-server-9.8p1-3.el7.x86_64.rpm

五、检测是否升级成功

rpm -qa|grep openssh

openssh-clients-9.8p1-3.el7.x86_64

openssh-debuginfo-9.8p1-3.el7.x86_64

openssh-9.8p1-3.el7.x86_64

openssh-server-9.8p1-3.el7.x86_64

查看版本ssh -V

OpenSSH_9.8p1, OpenSSL 3.0.14 4 Jun 2024

六、替换配置⽂件

cd /etc/ssh

mv sshd_config sshd_config_new_2024312

cp sshd_config_bak2024312 sshd_config

七、处理⽂件权限

chmod 600 /etc/ssh/ssh_host_rsa_key

chmod 600 /etc/ssh/ssh_host_ecdsa_key

chmod 600 /etc/ssh/ssh_host_ed25519_key

八、检查配置⽂件下⾯两项

sed -i 's#UsePAM yes#UsePAM no#g' /etc/ssh/sshd_config

cat /etc/ssh/sshd_config |grep UsePAM      (显示 UsePAM no 就说明成功了)

修改以下配置文件，更改登录权限

vi  /etc/ssh/sshd_config

PermitRootLogin yes

PasswordAuthentication yes

ChallengeResponseAuthentication no

UsePAM yes         # 配置为 yes

X11Forwarding yes

UseDNS no

GSSAPIAuthentication no

九、测试配置是否正确

sshd -t

根据错误处理

十、重启ssh服务

systemctl restart sshd