网站的页头页脚怎么做,玩具外贸好做吗,九江市做网站的公司,建设厅官方网站北京一、启动Telnet服务 为防止升级Openssh失败导致无法连接ssh#xff0c;所以先安装Telnet服务备用 1.安装telnet-server及telnet服务
yum install -y telnet-server* telnet
2.安装xinetd服务
yum install -y xinetd
3.启动xinetd及telnet并做开机自启动
systemctl enable…一、启动Telnet服务 为防止升级Openssh失败导致无法连接ssh所以先安装Telnet服务备用 1.安装telnet-server及telnet服务
yum install -y telnet-server* telnet
2.安装xinetd服务
yum install -y xinetd
3.启动xinetd及telnet并做开机自启动
systemctl enable xinetd.service
systemctl enable telnet.socket
systemctl start telnet.socket
systemctl start xinetd.service4.修改/etc/securetty文件
默认情况下系统是不允许root用户telnet远程登录的。如果要使用root用户直接登录需向/etc/securetty中追加pts/0等内容执行命令如下
echo pts/0 /etc/securetty
echo pts/1 /etc/securetty
echo pts/2 /etc/securetty5.测试telnet能否登录
telnet 192.168.100.15
二、升级Openssh
1.备份原ssh
cp -r /etc/ssh /etc/ssh-bak-date %Y%m%d
2.下载Openssh安装包 本次使用升级为openssh-9.3p2版本 所有版本安装包下载地址https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/ 下载地址
cd /opt
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.3p2.tar.gz3.安装依赖包
yum install -y gcc zlib zlib-devel openssl-devel
4.编译安装
cd /opt
tar -zxvf openssh-9.3p2.tar.gz
cd openssh-9.3p2
./configure --prefix/usr --sysconfdir/etc/ssh --with-zlib --without-openssl-header-check --with-ssl-dir/usr/local/ssl --with-privsep-path/var/lib/sshd执行成功后先卸载旧版本的openssh然后安装新版本
5.卸载旧版本openssh
rpm -e --nodeps rpm -qa | grep openssh6.继续安装新版本包
make -j 4
make install安装完成后会提示这个 WARNING: UNPROTECTED PRIVATE KEY FILE! Permissions 0640 for /etc/ssh/ssh_host_rsa_key are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.WARNING: UNPROTECTED PRIVATE KEY FILE! Permissions 0640 for /etc/ssh/ssh_host_ecdsa_key are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.WARNING: UNPROTECTED PRIVATE KEY FILE! Permissions 0640 for /etc/ssh/ssh_host_ed25519_key are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
sshd: no hostkeys available -- exiting.
make: [check-config] 错误 1 (忽略)别紧张这是对key文件的警告信息提示目前的key文件权限为640权限太高修改为600即可
chmod 600 /etc/ssh/ssh_host_rsa_key
chmod 600 /etc/ssh/ssh_host_ecdsa_key
chmod 600 /etc/ssh/ssh_host_ed25519_key7.配置新ssh服务
# 复制启动文件到/etc/init.d/下并命名为sshd
cp -p /usr/local/src/openssh-8.0p1/contrib/redhat/sshd.init /etc/init.d/sshd
# 添加执行权限
chmod x /etc/init.d/sshd
# 添加到开启自启服务中
systemctl enable sshd
/sbin/chkconfig sshd on
# 允许root远程登录
sed -i s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g /etc/ssh/sshd_config
# 配置selinux服务
sed -i s/SELINUXenforcing/SELINUXdisabled/g /etc/selinux/config
sed -i s/SELINUXpermissive/SELINUXdisabled/g /etc/selinux/config
setenforce 0
# 重启sshd服务
systemctl restart sshd8.检查新版本是否正常升级
# ssh -V
OpenSSH_9.3p2, OpenSSL 1.0.2k-fips 26 Jan 2017三、关闭Telnet服务
systemctl disable xinetd
systemctl disable telnet.socket
systemctl stop xinetd.service
systemctl stop telnet.socket
yum remove telnet-server xinetd -y
