安装需注意
在安装时需要卸载OpenSSH，卸载后除当前打开窗口外，不在接受新的SSH连接。

可以安装Telnet，通过Telnet代替SSH连接，直到升级完毕再关闭Telnet

查看操作系统版本

lsb_release -a

输入后会显示下面这些信息，我的版本号是7.6.1810

lsb_release -aLSB Version: :core-4.1-amd64:core-4.1-noarch

Distributor ID: CentOS

Description: CentOS Linux release 7.6.1810 (Core)

Release: 7.6.1810

Codename: Core

查询当前版本

ssh -V

openssl version

下载安装包

wget https://www.openssl.org/source/openssl-1.1.1l.tar.gz

wget
https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.6p1.tar.gz

卸载openssh和openssl

yum remove openssl openssl-devel openssh -y

安装顺序，先安装openssl，后安装openssh

openssl安装
安装依赖

yum install gcc perl zlib zlib-devel -y

编译安装

tar -zxvf openssl-1.1.1l.tar.gz

cd openssl-1.1.1l

./config shared zlib --prefix=/usr/local/openssl
–openssldir=/usr/local/openssl/ssl

make

make install

配置

echo “/usr/local/openssl/lib” >> /etc/ld.so.conf

ldconfig -v

mv /usr/bin/openssl /usr/bin/openssl.old

ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl

查看版本

openssl version

接下来安装openssh

安装依赖

yum -y install pam-devel

编译安装

tar -zxvf openssh-8.6p1.tar.gz

cd openssh-8.6p1

./configure --prefix=/usr --sysconfdir=/etc/ssh
–with-openssl-includes=/usr/local/openssl/include/ --with-ssl-dir=/usr/local/openssl --with-zlib --with-md5-passwords–with-pam

make

make install

配置

echo “PermitRootLogin yes” >> /etc/ssh/sshd_config

echo “UseDNS no” >> /etc/ssh/sshd_config

cp -a contrib/redhat/sshd.init /etc/init.d/sshd

chmod +x /etc/init.d/sshd

chkconfig --add sshd

systemctl enable sshd

chkconfig sshd on

chmod 600 /etc/ssh/ssh_host_rsa_key

chmod 600 /etc/ssh/ssh_host_ecdsa_key

/etc/init.d/sshd restart

查看版本

ssh -V

OpenSSH_8.6p1, OpenSSL 1.1.1l 24 Aug 2021

升级完成