openssh升级文档centos6/c7
一、做准备工作

1. 关闭防火墙、关闭selinux服务

firewall-cmd --state

systemctl stop firewalld.service

systemctl disable firewalld.service

vim vim /etc/selinux/config 修改SELINUX=enforcing 为 SELINUX=distable

1. 安装基础包

yum install gcc gcc-c++ zlib zlib-devel openssl openssl-devel pam-devel pcre-devel pam-devel pam zlib

1. 备份ssh、sshd文件

cp -rf /etc/ssh/ /etc/ssh/ssh.bak

cp /usr/sbin/sshd /usr/sbin/sshd.bak

二、安装telnet服务(可以选择不安装，安装的目的是ssh升级失败，可以备用连接）
1.安装软件
# yum -y install telnet-server* telnet
2.启用telnet服务

mv /etc/securetty /etc/securetty.old #允许root用户通过telnet登录

1. 修改securetty文件，增加pts配置。如果登录用户较多，需要更多的pts/*。

vim /etc/securetty (卸载防护措施)

......
pts/0
pts/1
pts/2
添加开机启动

chkconfig telnet on #使telnet服务开机启动，避免升级过程中服务器意

1. centos7启动telnet服务

systemctl enable xinetd.server

systemctl enable telnet.socket

systemctl start telnet.socket

systemctl start xinetd.service

1. 卸载当前系统openssh

rpm -qa | grep openssh

rpm -e --nodeps rpm -qa | grep openssh

三、安装openssh

1. 下载最新openssh
   https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/

wget https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.6p1.tar.gz

1. 编译安装openssh

tar zxvf openssh-8.6p1.tar.gz

./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-md5-passwords --with-tcp-wrappers

make

make install

cp contrib/redhat/sshd.init /etc/init.d/sshd

chkconfig --add sshd

1. 回收权限

chmod -R 600 /etc/ssh/

1. openssh7.5默认root用户是不能用ssh远程登录的，需要修改配置文件：

sed -i '/^#PermitRootLogin/s/#PermitRootLogin yes/PermitRootLogin yes/' /etc/ssh/sshd_config

vim /etc/ssh/sshd_config

找到#PermitRootLogin prohibit-password项，去掉注释并把prohibit-password改为yes

PermitRootLogin yes
重启ssh服务：

systemctl restart sshd.service

1. 关闭telnet
2. xinetd stop

chkconfig xinetd off
service iptables start
chkconfig iptables on
将之前改过的disable=yes又改回去成no.
随后再将修改iptables将23端口关闭,并重启iptables服务.

至此,可以再开ssh登录,用ssh -V查看版本号.

参考资料：
https://www.cnblogs.com/kevingrace/p/9478614.html
https://blog.csdn.net/qq_25934401/article/details/83419849
https://www.cnblogs.com/winstom/p/9515949.html
https://blog.csdn.net/qq_37311616/article/details/80686922
https://www.cnblogs.com/nmap/p/10779658.html //C7参考
https://www.cnblogs.com/AmbitiousMice/p/11504850.html //报错解决
/usr/sbin/sshd -T //检查是否有错