1.1 环境介绍

[root@test ~]# openssl version
OpenSSL 1.0.2k-fips  26 Jan 2017
[root@test ~]# rpm -qa|grep openssh
openssh-7.4p1-21.el7.x86_64
openssh-server-7.4p1-21.el7.x86_64
openssh-clients-7.4p1-21.el7.x86_64


1.2 准备升级安装包

本文选择的是:
openssh-8.2p1.tar.gz
openssl-1.1.1g.tar.gz

$ wget https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.2p1.tar.gz

$ wget https://ftp.openssl.org/source/openssl-1.1.1g.tar.gz

1.3 升级openssl

1.3.1 备份

 mv /usr/bin/openssl /usr/bin/openssl_old

1.3.2 安装

tar xzvf openssl-1.1.1g.tar.gz

cd openssl-1.1.1g/

./config shared && make && make install

1.3.3 配置软连接

ln -s /usr/local/lib64/libssl.so.1.1 /usr/lib64/

ln -s /usr/local/lib64/libcrypto.so.1.1 /usr/lib64/

1.3.4 旧版本VS新版本

[root@test openssl-1.1.1g]# openssl version
OpenSSL 1.1.1g  21 Apr 2020

[root@test openssl-1.1.1g]# openssl_old version
OpenSSL 1.0.2k-fips  26 Jan 2017

1.4 升级openssh

1.4.1 安装所需依赖

yum install zlib-devel openssl-devel pam-devel -y

1.4.2 备份

mkdir /etc/ssh_old
mv /etc/ssh/* /etc/ssh_old/

1.4.3 解压、编译、安装

tar xzvf openssh-8.2p1.tar.gz 
cd openssh-8.2p1/

./configure --prefix=/usr/ --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/lib64/ --with-zlib --with-pam --with-md5-password --with-ssl-engine --with-selinux

# 安装
make && make install

# 验证
ssh -V
OpenSSH_8.2p1, OpenSSL 1.1.1g  21 Apr 2020

ls /etc/ssh
moduli  ssh_config  sshd_config  ssh_host_dsa_key  ssh_host_dsa_key.pub  ssh_host_ecdsa_key  ssh_host_ecdsa_key.pub  ssh_host_ed25519_key  ssh_host_ed25519_key.pub  ssh_host_rsa_key  ssh_host_rsa_key.pub

1.4.4 配置sshd配置文件

1.修改sshd_config

$ vim /etc/ssh/sshd_config
# 例子:配置root登录,   根据你以前的配置来
PermitRootLogin yes
PasswordAuthentication yes


2.启动
# 移走以前的ssh服务, 防止与新的冲突
$ mv /usr/lib/systemd/system/sshd.service /etc/ssh_old/sshd.service
$ mv /usr/lib/systemd/system/sshd.socket /etc/ssh_old/sshd.socket

# 在解压包中拷贝一些文件
$ cp -a contrib/redhat/sshd.init /etc/init.d/sshd

1.4.5 sshd reload服务  *****

$ systemctl daemon-reload    ##一定要执行
$ /etc/init.d/sshd restart

# 添加自启动
$ chkconfig --add sshd
$ chkconfig sshd on
可能碰到的问题:
/etc/init.d/sshd restart之后报错
Reloading systemd:                                         [  确定  ]
Restarting sshd (via systemctl):  Job for sshd.service failed because the control process exited with error code. See "systemctl status sshd.service" and "journalctl -xe" for details.
                                                           [失败]