存档

文章标签 ‘openssh’

从源码编译rpm,安装升级 openssl及openssh 最新版本

2011年7月22日 评论已被关闭

当前版本:
$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
目标版本:
openssh-5.8p2.tar.gz
openssl-0.9.8r.tar.gz

compile and upgrade openssl-0.9.8r
wget http://www.openssl.org/source/openssl-0.9.8r.tar.gz
tar zxvf openssl-0.9.8r.tar.gz
mkdir -p /usr/src/redhat/SPECS/
mkdir -p /usr/src/redhat/SOURCES/
cp openssl-0.9.8r/openssl.spec /usr/src/redhat/SPECS/
cp openssl-0.9.8r.tar.gz /usr/src/redhat/SOURCES/
cd /usr/src/redhat/SPECS

#源码自带的SPEC文件有点问题,需要替换一下关键字License
perl -i.bak -pe ‘s/^Copyright: Freely distributable$/License: Freely distributable/’ openssl.spec

[2hei.net ~]#rpmbuild -bb openssl.spec
#如果系统找不到rpmbuild,需要先安装
yum install rpm-build
yum install redhat-rpm-config
yum install pam-devel

#安装结束:

Wrote: /usr/src/redhat/RPMS/i386/openssl-0.9.8r-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssl-devel-0.9.8r-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssl-doc-0.9.8r-1.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssl-debuginfo-0.9.8r-1.i386.rpm
Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.36929
+ umask 022
+ cd /usr/src/redhat/BUILD
+ cd openssl-0.9.8r
+ rm -rf /var/tmp/openssl-0.9.8r-root
+ exit 0

[2hei.net ~]#cd /usr/src/redhat/RPMS/i386/
ls -l
-rw-r–r– 1 root root 1198354 Jul 22 15:31 openssl-0.9.8r-1.i386.rpm
-rw-r–r– 1 root root  117348 Jul 22 15:31 openssl-debuginfo-0.9.8r-1.i386.rpm
-rw-r–r– 1 root root 2149166 Jul 22 15:31 openssl-devel-0.9.8r-1.i386.rpm
-rw-r–r– 1 root root  596803 Jul 22 15:31 openssl-doc-0.9.8r-1.i386.rpm
rpm -Uvh openssl*.rpm
error: Failed dependencies:
    libcrypto.so.6 is needed by (installed) python-2.4.3-27.el5.i386
    libcrypto.so.6 is needed by (installed) openldap-2.3.43-12.el5.i386
    libcrypto.so.6 is needed by (installed) curl-7.15.5-9.el5.i386
    libcrypto.so.6 is needed by (installed) net-snmp-libs-5.3.2.2-9.el5.i386
    …
    libssl.so.6 is needed by (installed) python-2.4.3-27.el5.i386
    libssl.so.6 is needed by (installed) openldap-2.3.43-12.el5.i386
    libssl.so.6 is needed by (installed) curl-7.15.5-9.el5.i386
    …
use –nodeps force install
rpm –nodeps -Uvh openssl-*.rpm
Preparing…                ########################################### [100%]
   1:openssl                ########################################### [ 25%]
   2:openssl-debuginfo      ########################################### [ 50%]
   3:openssl-devel          ########################################### [ 75%]
   4:openssl-doc            ########################################### [100%]

#添加旧的链接库链接,使之支持已安装的其他软件的依赖:
[2hei.net ~]#cd /usr/lib
ln -s libcrypto.so.0.9.8 libcrypto.so.6
ln -s libssl.so.0.9.8 libssl.so.6

openssh的编译寄安装过程类似,不过要比openssl的简单一些,因为依赖关系少了很多,在此略去。。。

#重启sshd服务:
service sshd restart
#检查版本:
[root@test-test01 ~]# ssh -V
OpenSSH_5.8p2, OpenSSL 0.9.8r 8 Feb 2011

至此大功告成,不过升级openssl要谨慎,有可能影响其他服务,如httpd,openvpn等等,本文在vm上测试通过,权作记录备忘~

分类: OpenSource 标签: ,

openssh5.4升级后ssh无法登陆

2010年3月30日 评论已被关闭
杯具啊! 新装的服务器,从openssh5.2升级到openssh5.4,重启sshd服务后发现无法登陆了!!!
没办法,找机房人员终端登陆上去开启telnet,又把版本降了回来,汗一个!
谁让手欠呢!
分类: OpenSource 标签: