网站域名是什么东西,企业网站托管的方案,c语言开发环境,网页设计代码链接怎么写openssh9.9 是2024.9.20出的最新版ssh。因为客户扫描出一大堆centos7的漏洞#xff0c;全是这个openssh的#xff0c;好多补丁#xff0c;所以索性升级到最新版。
需要自己制作rpm包#xff0c;这个我是不懂#xff0c;照这个来#xff1a;
Linux服务器升级openssh9.9最…openssh9.9 是2024.9.20出的最新版ssh。因为客户扫描出一大堆centos7的漏洞全是这个openssh的好多补丁所以索性升级到最新版。
需要自己制作rpm包这个我是不懂照这个来
Linux服务器升级openssh9.9最新版全过程及遇到问题处理_openssh-server最新版本-CSDN博客
作者没有说明怎么处理异常我这里是centos7的rpm
https://download.csdn.net/download/leinchu/89896129
使用方法 mkdir openssh9 mv openssh9.9.tar.gz openssh9 cd openssh9 tar xfz openssh9.9.tar.gz
rpm -ivh --nodeps --force openssh-9.9p1-1.el7.x86_64.rpm rpm -ivh --nodeps --force openssh9.9.tar.gz rpm -ivh --nodeps --force openssh-clients-9.9p1-1.el7.x86_64.rpm rpm -ivh --nodeps --force openssh-debuginfo-9.9p1-1.el7.x86_64.rpm rpm -ivh --nodeps --force openssh-server-9.9p1-1.el7.x86_64.rpm
ssh-keygen -A
chmod 600 /etc/ssh/ssh_host_ed25519_key chown root:root /etc/ssh/ssh_host_ed25519_key sudo chmod 600 /etc/ssh/ssh_host_rsa_key chown root:root /etc/ssh/ssh_host_rsa_key
sudo chmod 600 /etc/ssh/ssh_host_ecdsa_key chown root:root /etc/ssh/ssh_host_ecdsa_key
sshd -t -f /etc/ssh/sshd_config mv /etc/pam.d/sshd /etc/pam.d/sshdbak vi /etc/pam.d/sshd #%PAM-1.0 auth required pam_sepermit.so auth include password-auth account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session optional pam_keyinit.so force revoke session include password-auth
systemctl restart sshd
--------------------------------
验证ssh -V 遇到的报错 Unable to load host key /etc/ssh/ssh_host_ed25519_key: bad permissions sshd: no hostkeys available -- exiting
Oct 17 11:57:33 snmp sshd[139477]: Oct 17 11:57:33 snmp sshd[139477]: WARNING: UNPROTECTED PRIVATE KEY FILE! Oct 17 11:57:33 snmp sshd[139477]: Oct 17 11:57:33 snmp sshd[139477]: Permissions 0640 for /etc/ssh/ssh_host_rsa_key are too open. Oct 17 11:57:33 snmp sshd[139477]: It is required that your private key files are NOT accessible by others. Oct 17 11:57:33 snmp sshd[139477]: This private key will be ignored. Oct 17 11:57:33 snmp sshd[139477]: Unable to load host key /etc/ssh/ssh_host_rsa_key: bad permissions Oct 17 11:57:33 snmp systemd[1]: sshd.service: main process exited, codeexited, status1/FAILURE Oct 17 11:57:33 snmp sshd[139477]: Unable to load host key: /etc/ssh/ssh_host_rsa_key Oct 17 11:57:33 snmp sshd[139477]: Oct 17 11:57:33 snmp sshd[139477]: WARNING: UNPROTECTED PRIVATE KEY FILE! Oct 17 11:57:33 snmp sshd[139477]: Oct 17 11:57:33 snmp sshd[139477]: Permissions 0640 for /etc/ssh/ssh_host_ecdsa_key are too open. Oct 17 11:57:33 snmp sshd[139477]: It is required that your private key files are NOT accessible by others. Oct 17 11:57:33 snmp sshd[139477]: This private key will be ignored. Oct 17 11:57:33 snmp sshd[139477]: Unable to load host key /etc/ssh/ssh_host_ecdsa_key: bad permissions Oct 17 11:57:33 snmp sshd[139477]: Unable to load host key: /etc/ssh/ssh_host_ecdsa_key Oct 17 11:57:33 snmp sshd[139477]: Oct 17 11:57:33 snmp sshd[139477]: WARNING: UNPROTECTED PRIVATE KEY FILE! Oct 17 11:57:33 snmp sshd[139477]: Oct 17 11:57:33 snmp sshd[139477]: Permissions 0640 for /etc/ssh/ssh_host_ed25519_key are too open. Oct 17 11:57:33 snmp sshd[139477]: It is required that your private key files are NOT accessible by others. Oct 17 11:57:33 snmp sshd[139477]: This private key will be ignored. Oct 17 11:57:33 snmp sshd[139477]: Unable to load host key /etc/ssh/ssh_host_ed25519_key: bad permissions Oct 17 11:57:33 snmp sshd[139477]: Unable to load host key: /etc/ssh/ssh_host_ed25519_key Oct 17 11:57:33 snmp sshd[139477]: sshd: no hostkeys available -- exiting. Oct 17 11:57:33 snmp systemd[1]: Failed to start OpenSSH server daemon. -- Subject: Unit sshd.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit sshd.service has failed. -- -- The result is failed. Oct 17 11:57:33 snmp systemd[1]: Unit sshd.service entered failed state. Oct 17 11:57:33 snmp systemd[1]: sshd.service failed. Oct 17 11:57:33 snmp polkitd[7888]: Unregistered Authentication Agent for unix-process:139470:389161800 (system bus name :1.41641, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus) Oct 17 11:58:01 snmp systemd[1]: Created slice User Slice of pcp. -- Subject: Unit user-994.slice has finished start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit user-994.slice has finished starting up. -- -- The start-up result is done. Oct 17 11:58:01 snmp systemd[1]: Started Session 13127 of user pcp. -- Subject: Unit session-13127.scope has finished start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-13127.scope has finished starting up. -- -- The start-up result is done. Oct 17 11:58:01 snmp CROND[139602]: (pcp) CMD ( /usr/libexec/pcp/bin/pmie_check -C) Oct 17 11:58:01 snmp systemd[1]: Removed slice User Slice of pcp. -- Subject: Unit user-994.slice has finished shutting down -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit user-994.slice has finished shutting down.
