CentOS7/RHEL7最小化安装并制作openssh8.4p1的RPM安装包
CentOS7/RHEL7最小化安装系统并制作openssh8.4p1的RPM安装包
使用rpmbuild将tar包打成rpm包,不喜欢编译升级的,使用RPM升级就方便多了。
1,安装依赖环境
[root@centos7-31 ~]# yum install rpm-build zlib-devel openssl-devel gcc perl-devel pam-devel unzip -y
[root@centos7-31 ~]# mkdir -p /root/rpmbuild/{SOURCES,SPECS}
[root@centos7-31 ~]# cd /root/rpmbuild/SOURCES/
2,下载相关软件。
[root@centos7-31 ~]# wget https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz
[root@centos7-31 ~]# tar zxvf openssh-8.4p1.tar.gz
[root@centos7-31 ~]# cd openssh-8.4p1/
3,修改源码包的ssh配置文件,以免系统中安装RPM后还要再修改配置文件。
[root@centos7-31 ~]# vi sshd_config
PermitRootLogin yes
PasswordAuthentication yes
4,将pam信息写到源码包中。
[root@centos7-31 ~]# cat /etc/pam.d/sshd > contrib/redhat/sshd.pam
[root@centos7-31 ~]# cat /etc/pam.d/sshd > contrib/redhat/sshd.pam.old
5,重新打包ssh软件,然后修改spec文件。
[root@centos7-31 ~]# tar cvf openssh-8.4p1.tar.gz openssh-8.4p1/
[root@centos7-31 ~]# cp /root/openssh-8.4p1/contrib/redhat/openssh.spec /root/rpmbuild/SPECS/
[root@centos7-31 ~]# sed -i -e "s/%global no_gnome_askpass 0/%global no_gnome_askpass 1/g" /root/rpmbuild/SPECS/openssh.spec
[root@centos7-31 ~]# sed -i -e "s/%global no_x11_askpass 0/%global no_x11_askpass 1/g" /root/rpmbuild/SPECS/
6,
第一个报错: openssl-devel < 1.1 被 openssh-8.3p1-1.el7.x86_64 需要
构建依赖失败:openssl-devel < 1.1 被 openssh-8.3p1-1.el7.x86_64 需要 解决方法:
[root@localhost SPECS]# vim openssh.spec
注释掉 BuildRequires: openssl-devel < 1.1
第二个报错:RPM build errors:
Installed (but unpackaged) file(s) found:
RPM build errors:
Installed (but unpackaged) file(s) found:
/usr/libexec/openssh/ssh-sk-helper
/usr/share/man/man8/ssh-sk-helper.8.gz
解决方法:
vi /usr/lib/rpm/macros
#%__check_files %{_rpmconfigdir}/check-files %{buildroot}
注释改行
[root@centos7-31 ~]# rpmbuild -ba openssh.spec
7,打包成功后,删除原来的软件,并删除配置目录,安装新软件包。
[root@centos7-31 ~]# rpm -e `rpm -qa |grep openssh` --nodeps
[root@centos7-31 ~]# rm -rf /etc/ssh
[root@centos7-31 ~]# rpm -ivh *.rpm
8,RPM安装包下载
Centos7-RHEL7-openssh8.4p1.zip
Key exchange failed.No compatible key exchange method. The server supports these methods: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256No compatible hostkey. The server supports these methods: ssh-ed25519
cat >>/etc/ssh/sshd_config <<-EOF KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 EOF systemctl restart sshd
cat >>/etc/ssh/sshd_config <<-EOF KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,curve25519-sha256,curve25519-sha256@libssh.org EOF service sshd restart
目录 返回
首页