linux: upgrade ssh

Posted on June 07, 2008

As a first step, enable telnet so that you can still access the server if something goes wrong:

—–command—–
pico -w /etc/xinetd.d/telnet
—–command—–

Change disable = yes to disable = no
Save and then exit

—–command—–
/etc/init.d/xinetd restart
—–command—–

Next, upgrade OpenSSL:

—–command—–
cd /usr/local/src
wget http://www.openssl.org/source/openssl-0.9.8d.tar.gz
tar -zxf openssl-0.9.8d.tar.gz
cd openssl-0.9.8d
./config
make
make test
make install   # added by openkb.org; missing from the original source
—–command—–

Now get the latest source from an official mirror:

—–command—–
cd /usr/local/src/
wget ftp://mirror.mcs.anl.gov/pub/openssh/portable/openssh-4.5p1.tar.gz
tar -zxf openssh-4.5p1.tar.gz
cd openssh-4.5p1
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/src/openssl-0.9.8d --with-pam --with-libs=-ldl --without-zlib-version-check
make
make install
/sbin/service sshd restart

—–command—–

If you get a user error, you need to add an sshd user. Do that by running this command:

—–command—–
adduser sshd -s /sbin/nologin
—–command—–

If you don’t get any error about a user, you do not have to worry about adding the user.

Open another ssh window and make sure ssh works OK. If running the following command returns something with “OpenSSH_4.1P1”, you did it correctly.

—–command—–
sshd -V
—–command—–

Now go back and turn telnet off:

—–command—–
pico -w /etc/xinetd.d/telnet
—–command—–

Change disable = no to disable = yes
Save and then exit

—–command—–
/etc/init.d/xinetd restart
—–command—–

That’s it!
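
The state this procedure should leave behind (telnet switched off again, the new sshd answering) can be checked with a short script. This is an added example, not part of the original post; the function names are hypothetical, and the sample xinetd file and version banner are constructed.

```shell
#!/bin/sh
# Added example: post-upgrade checks for the telnet fallback and the sshd version.

# telnet_state FILE -> "absent", "disabled" or "enabled".
# Conservative: only an explicit, uncontradicted "disable = yes" counts as off.
telnet_state() {
    [ -f "$1" ] || { echo absent; return 0; }
    sed 's/#.*//' "$1" | awk -F= '
        $1 ~ /^[ \t]*disable[ \t]*$/ {
            gsub(/[ \t\r]/, "", $2)
            if (tolower($2) == "yes") yes++; else other++
        }
        END { if (yes > 0 && other == 0) print "disabled"; else print "enabled" }'
}

# banner_version TEXT -> version token from a version banner, e.g. "4.5p1".
banner_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*OpenSSH_\([0-9][0-9.]*[pP][0-9]*\).*/\1/p' | head -n 1
}

# post_upgrade_check FILE BANNER WANT -> exit status 0 only if telnet is not
# enabled and the banner shows version WANT (p/P compared case-insensitively).
post_upgrade_check() {
    state=$(telnet_state "$1")
    got=$(banner_version "$2" | tr 'P' 'p')
    rc=0
    if [ "$state" = "enabled" ]; then
        echo "FAIL: telnet is still enabled in $1"; rc=1
    fi
    if [ "$got" != "$3" ]; then
        echo "FAIL: banner shows '${got:-none}', expected '$3'"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: telnet $state, OpenSSH $got"
    return "$rc"
}

# On a real host (path and version as used on this page):
#   post_upgrade_check /etc/xinetd.d/telnet "$(sshd -V 2>&1)" 4.5p1

# Constructed sample input, not taken from a real host: telnet left enabled.
sample=$(mktemp)
printf 'service telnet\n{\n\tdisable = no\n}\n' > "$sample"
post_upgrade_check "$sample" "OpenSSH_4.5p1, OpenSSL 0.9.8d" 4.5p1 || true
rm -f "$sample"
```

A service file with no disable line at all is reported as enabled, because only an explicit disable = yes is treated as switched off.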

=============
reference : http://www.eth0.us/sshd