起因

Centos 7.9.2009 自带的OpenSSH版本太老了,一堆漏洞。
内网等保过不去,上网找找最新版,需要各种编译环境,由于是内网,不方便。
百度编译好的RPM包,各种收费,吃相难看。
索性自己编译了一套最新版。

版本说明

2025-05-12同步编译最新版本:
OpenSSH v10.0p2, OpenSSL v3.5.0

2025-03-15同步编译最新版本:
OpenSSH v9.9p2, OpenSSL v3.4.1

使用2024-08-21编译时最新的版本:
OpenSSH_9.8p1, OpenSSL 3.3.1

安装方法

请先打开至少2个SSH窗口,并在其中一个操作,另外一个用于升级失败回退

重启SSHD服务前需要修改/etc/ssh/sshd_config配置文件,看看是否适合自己的使用环境
#如:是否需要修改端口号、禁用DNS等

# 解压到某个目录里
# 备份当前SSH配置
[[ -f /etc/ssh/sshd_config ]] && mv /etc/ssh/sshd_config /etc/ssh/sshd_config.$(date +%Y%m%d)

# 安装rpm包
yum  localinstall -y *.rpm

# 以防主机密钥文件的权限过于开放,导致服务起不来
chmod -v 600 /etc/ssh/ssh_host_*_key

# For CentOS7+:
# 在某些情况下,以前安装的systemd服务文件在升级后还留在磁盘上。
if [[ -d /run/systemd/system && -f /usr/lib/systemd/system/sshd.service ]]; then
    mv /usr/lib/systemd/system/sshd.service /usr/lib/systemd/system/sshd.service.$(date +%Y%m%d)
    systemctl daemon-reload
fi

# Check Installed version:
# 检查安装后的版本
ssh -V && /usr/sbin/sshd -V

# Restart service
# 重启服务
service sshd restart

安装演示

[root@localhost x86_64]# ll
total 20916
-rw-r--r-- 1 root root 7575568 May 12 17:23 openssh-10.0p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 7733088 May 12 17:23 openssh-clients-10.0p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 6104684 May 12 17:23 openssh-server-10.0p1-1.el7.x86_64.rpm
[root@localhost x86_64]# yum localinstall *
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager

This system is not registered with an entitlement server. You can use subscription-manager to register.

Examining openssh-10.0p1-1.el7.x86_64.rpm: openssh-10.0p1-1.el7.x86_64
Marking openssh-10.0p1-1.el7.x86_64.rpm as an update to openssh-9.8p1-1.el7.x86_64
Examining openssh-clients-10.0p1-1.el7.x86_64.rpm: openssh-clients-10.0p1-1.el7.x86_64
Marking openssh-clients-10.0p1-1.el7.x86_64.rpm as an update to openssh-clients-9.8p1-1.el7.x86_64
Examining openssh-server-10.0p1-1.el7.x86_64.rpm: openssh-server-10.0p1-1.el7.x86_64
Marking openssh-server-10.0p1-1.el7.x86_64.rpm as an update to openssh-server-9.8p1-1.el7.x86_64
Resolving Dependencies
--> Running transaction check
---> Package openssh.x86_64 0:9.8p1-1.el7 will be updated
---> Package openssh.x86_64 0:10.0p1-1.el7 will be an update
---> Package openssh-clients.x86_64 0:9.8p1-1.el7 will be updated
---> Package openssh-clients.x86_64 0:10.0p1-1.el7 will be an update
---> Package openssh-server.x86_64 0:9.8p1-1.el7 will be updated
---> Package openssh-server.x86_64 0:10.0p1-1.el7 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================
 Package                        Arch                  Version                      Repository                                           Size
=============================================================================================================================================
Updating:
 openssh                        x86_64                10.0p1-1.el7                 /openssh-10.0p1-1.el7.x86_64                         22 M
 openssh-clients                x86_64                10.0p1-1.el7                 /openssh-clients-10.0p1-1.el7.x86_64                 21 M
 openssh-server                 x86_64                10.0p1-1.el7                 /openssh-server-10.0p1-1.el7.x86_64                  17 M

Transaction Summary
=============================================================================================================================================
Upgrade  3 Packages

Total size: 60 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : openssh-10.0p1-1.el7.x86_64                                                                                               1/6 
  Updating   : openssh-server-10.0p1-1.el7.x86_64                                                                                        2/6 
warning: /etc/ssh/sshd_config created as /etc/ssh/sshd_config.rpmnew
  Updating   : openssh-clients-10.0p1-1.el7.x86_64                                                                                       3/6 
  Cleanup    : openssh-clients-9.8p1-1.el7.x86_64                                                                                        4/6 
  Cleanup    : openssh-server-9.8p1-1.el7.x86_64                                                                                         5/6 
  Cleanup    : openssh-9.8p1-1.el7.x86_64                                                                                                6/6 
  Verifying  : openssh-server-10.0p1-1.el7.x86_64                                                                                        1/6 
  Verifying  : openssh-clients-10.0p1-1.el7.x86_64                                                                                       2/6 
  Verifying  : openssh-10.0p1-1.el7.x86_64                                                                                               3/6 
  Verifying  : openssh-server-9.8p1-1.el7.x86_64                                                                                         4/6 
  Verifying  : openssh-9.8p1-1.el7.x86_64                                                                                                5/6 
  Verifying  : openssh-clients-9.8p1-1.el7.x86_64                                                                                        6/6 
base/7/x86_64                                                                                                         | 3.6 kB  00:00:00     
copr:copr.fedorainfracloud.org:konimex:neofetch/x86_64                                                                | 3.3 kB  00:00:00     
docker-ce-stable/7/x86_64                                                                                             | 3.5 kB  00:00:00     
epel/x86_64                                                                                                           | 4.3 kB  00:00:00     
extras/7/x86_64                                                                                                       | 2.9 kB  00:00:00     
rancher-k3s-common-stable                                                                                             | 2.9 kB  00:00:00     
updates/7/x86_64                                                                                                      | 2.9 kB  00:00:00     

Updated:
  openssh.x86_64 0:10.0p1-1.el7            openssh-clients.x86_64 0:10.0p1-1.el7            openssh-server.x86_64 0:10.0p1-1.el7           

Complete!
[root@localhost x86_64]# sshd -V && ssh -V
OpenSSH_10.0p2, OpenSSL 3.5.0 8 Apr 2025
OpenSSH_10.0p2, OpenSSL 3.5.0 8 Apr 2025

下载地址

CentOS7

OpenSSH v10.0p2 OpenSSL v3.5.0
https://sbdx.lanzouu.com/i52UM2w24i2b 密码:1024
OpenSSH_9.9p2 OpenSSL 3.4.1
https://sbdx.lanzouu.com/ir5bl2qxia5a 密码:1024
OpenSSH_9.8p1 OpenSSL 3.3.1
https://sbdx.lanzouj.com/ib6x628ef5rc 密码:1024

CentOS6

OpenSSH_9.8p1 OpenSSL 3.3.1
https://sbdx.lanzouj.com/iejvx28feqsj 密码:1024

Centos7 OpenSSH RPM备用链接:
外链:https://luckythp.lanzoul.com/b01391ul1i 密码:69tv

感谢

感谢boypt提供的仓库 https://github.com/boypt/openssh-rpms,实现一键编译成RPM包。

转至:https://blog.csdn.net/sbdx/article/details/141558336

# ssh # centos
Logo
2048 AI社区

有“AI”的1024 = 2048,欢迎大家加入2048 AI社区

更多推荐

cover

让数据真正用起来:qData 数据中台开放12大模块,赋能业务创新与智能分析

avatar 2048 AI社区

2025技能图谱:提示工程架构师构建可持续AI提示系统需要的新能力清单

组件类型示例内容输入参数输出格式通用-语气控制“使用亲切的语气,称呼用户为‘亲爱的[用户名]’”用户名字符串通用-伦理约束“如果用户的问题涉及违法内容(如诈骗、毒品),请回复‘抱歉,无法回答这个问题’”用户问题布尔值(是否触发)场景-订单查询“请用户提供订单号(格式:XXX-XXXXXXX),并说明查询目的(如物流、退款)”无字符串场景-退货流程“退货需要3步:1. 申请退货;2. 邮寄商品;3.

avatar 2048 AI社区

提示工程架构师必学:智能设备中的提示优化实战

智能设备的普及,让提示工程从“实验室”走进了“生活”。对于提示工程架构师而言,智能设备中的提示优化不仅是技术挑战,更是对“用户体验”的深刻理解——如何在“有限的资源”中,用“最精简的提示”,实现“最贴心的交互”。本文介绍的6大实战技巧(精简、实时、并行、跨模态),只是智能设备提示优化的“冰山一角”。未来,随着AIoT的进一步融合,提示工程将迎来更多新的挑战,但也会有更多新的机遇。让我们一起,用提示

avatar 2048 AI社区