系统大全为您提供
查询是否安装telnet # rpm -qa | grep telnet telnet-server-0.17-31.EL4.5 telnet-0.17-31.EL4.5 打开telnet服务 修改设置文件/etc/xinetd.d/telnet中disable字段改为no。 启动服务#ntsysv或#service xinetd restart。 创建登陆用户 因为不能直接root telnet登陆,所以创建一个登陆用户.安转完成后可以把该用户删除 useradd opensshinstall (删除用户及/home/sshinstall目录 userdel -r sshinstall 删除这个用户的组groupdel sshinstall) 安装源文件在/usr/local/ zlib和openssl安装在/usr/local目录下 安装zlib-1.2.5 #tar -zxvf zlib-1.2.5.tar.gz #cd zlib-1.2.5 #./configure --prefix=/usr/local/zlib-1.2.5 -share #make #make test #make install cp libz.a /usr/local/zlib-1.2.5/lib cp libz.so.1.2.5 /usr/local/zlib-1.2.5/lib cd /usr/local/zlib-1.2.5/lib; chmod u=rw,go=r libz.a cp zlib.3 /usr/local/zlib-1.2.5/share/man/man3 chmod 644 /usr/local/zlib-1.2.5/share/man/man3/zlib.3 cp zlib.pc /usr/local/zlib-1.2.5/lib/pkgconfig chmod 644 /usr/local/zlib-1.2.5/lib/pkgconfig/zlib.pc cp zlib.h zconf.h /usr/local/zlib-1.2.5/include chmod 644 /usr/local/zlib-1.2.5/include/zlib.h /usr/local/zlib-1.2.5/include/zconf.h #vi /etc/ld.so.conf 配置库文件搜索路径 include ld.so.conf.d/*.conf ##add 2010.7.7 /usr/local/zlib-1.2.5/lib ##add end #ldconfig -v 刷新缓存文件/etc/ld.so.cache #ln -s /usr/local/zlib-1.2.5 /usr/local/zlib 安装openssl #cd /usr/local/ #tar zxvf openssl-1.0.0a.tar.gz #cd openssl-1.0.0a #./config shared zlib-dynamic --prefix=/usr/local/openssl-1.0.0a --with-zlib-lib=/usr/local/zlib-1.2.5/lib --with-zlib-include=/usr/local/zlib-1.2.5/include #make #make test (这一步是进行 SSL 加密协议的完整测试,如果出现错误就要一定先找出原因,否则一味继续可能导致 SSH 不能使用!) #make install #vi /etc/ld.so.conf 配置库文件搜索路径 ############################################ ## add below line to ld.so.conf /usr/local/openssl-1.0.0a/lib 64位OS 没有生成lib目录,是lib64目录 ############################################ #ldconfig -v 刷新缓存文件/etc/ld.so.cache #ln -s /usr/local/openssl-1.0.0a /usr/local/openssl vi /etc/profile ########################################### (add to end of the file) PATH=/usr/local/openssl/bin:$PATH export PATH ########################################### 退出,再登录,查看openssl的版本号,以验正是否安装正确 #openssl version -a OpenSSL 1.0.0a 1 Jun 2010 built on: Wed Jul 7 17:08:07 CST 2010 platform. linux-x86_64 options: bn(64,64) rc4(1x,char) des(idx,cisc,16,int) idea(int) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DWHIRLPOOL_ASM OPENSSLDIR: "/usr/local/openssl-1.0.0a/ssl" 停止并卸载Openssh 1.停止OpenSSH服务 #service sshd stop 2. 查询并卸载openssh # rpm -qa | grep openssh openssh-3.9p1-8.RHEL4.24 openssh-askpass-3.9p1-8.RHEL4.24 openssh-clients-3.9p1-8.RHEL4.24 openssh-server-3.9p1-8.RHEL4.24 openssh-askpass-gnome-3.9p1-8.RHEL4.24 #rpm -e openssh-3.9p1-8.RHEL4.24 --nodeps #rpm -e openssh-clients-3.9p1-8.RHEL4.24 --nodeps 警告/etc/ssh/ssh_config 已存为 /etc/ssh/ssh_config.rpmsave #rpm -e openssh-askpass-3.9p1-8.RHEL4.24 #rpm -e openssh-server-3.9p1-8.RHEL4.24 --nodeps #rpm -e openssh-askpass-gnome-3.9p1-8.RHEL4.24 cd /usr/local/ tar zxvf openssh-5.5p1.tar.gz cd openssh-5.5p1 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-ssl-dir=/usr/local/openssl-1.0.0a --with-md5-passwords --mandir=/usr/share/man --with-zlib=/usr/local/zlib-1.2.5 #make #make install # 将sshd加入启动服务: 进入ssh安装解压目录 #cp ./contrib/redhat/sshd.init /etc/init.d/sshd #chmod +x /etc/init.d/sshd #chkconfig --add sshd 最后,启动 SSH 服务使修改生效: # service sshd start 重启后确认一下当前的 OpenSSH 和 OpenSSL 是否正确: # ssh -v 如果看到了新的版本号就没问题啦! 关闭telnet服务 修改设置文件/etc/xinetd.d/telnet中disable字段改为yes。 启动服务#ntsysv或#service xinetd restart。 注意问题 1.在安装openssh, ./configure 时,报下面错误: configure: error: PAM headers not found 运行# rpm -qa | grep pam pam_smb-1.1.7-5 pam_ccreds-1-3 pam_passwdqc-0.7.5-2 pam-0.77-66.17 pam_krb5-2.1.8-1 spamassassin-3.0.6-1.el4 发现有 pam-0.77-66.17,从网上找到 pam-devel-0.77-66.17.i386.rpm, 运行rpm -ivh pam-devel-0.77-66.17.i386.rpm后,./configure正常 版本号0.77-66.17必须一样。 2.在安装openssh时,configure报错: ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-ssl-dir=/usr/include/openssl --with-md5-passwords --mandir=/usr/share/man ..... configure: error: *** zlib too old - check config.log *** Your reported zlib version has known security problems. It's possible your vendor has fixed these problems without changing the version number. If you are sure this is the case, you can disable the check by running "./configure --without-zlib-version-check". If you are in doubt, upgrade zlib to version 1.2.3 or greater. See https://www.herecours.com/d/file/efpub/2026/26-26/20260226094156564088 for details. 因此需要升级zlib. 3.如果操作系统是64位的,openssl-1.0.0a只生成了lib64,没有生成lib目录。openssh configure时,还是连接的老版本的openssl,郁闷。 4. ./configure显示信息: ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-ssl-dir=/usr/local/openssl-1.0.0a --with-md5-passwords --mandir=/usr/share/man --with-zlib=/usr/local/zlib-1.2.5 显示信息: OpenSSH has been configured with the following options: User binaries: /usr/bin System binaries: /usr/sbin Configuration files: /etc/ssh Askpass program: /usr/libexec/ssh-askpass Manual pages: /usr/share/man/manX PID file: /var/run Privilege separation chroot path: /var/empty sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin Manpage format: doc PAM support: yes OSF SIA support: no KerberosV support: no SELinux support: no Smartcard support: S/KEY support: no TCP Wrappers support: no MD5 password support: yes libedit support: no Solaris process contract support: no IP address in $DISPLAY hack: no Translate v4 in v6 hack: yes BSD Auth support: no Random number source: OpenSSL internal ONLY Host: i686-pc-linux-gnu Compiler: gcc Compiler flags: -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -fno-builtin-memset -std=gnu99 Preprocessor flags: -I/usr/local/openssl-1.0.0a/include -I/usr/local/zlib-1.2.5/include Linker flags: -L/usr/local/openssl-1.0.0a/lib -L/usr/local/zlib-1.2.5/lib Libraries: -lresolv -lcrypto -ldl -lutil -lz -lnsl -lcrypt +for sshd: -lpam PAM is enabled. You may need to install a PAM control file for sshd, otherwise password authentication may fail. Example PAM control files can be found in the contrib/subdirectory
以上就是系统大全给大家介绍的如何使的方法都有一定的了解了吧,好了,如果大家还想了解更多的资讯,那就赶紧点击系统大全官网吧。
本文来自系统大全https://www.herecours.com/d/file/efpub/2026/26-26/20260226094156564089 lang="zh-CN">推荐:win7纯净版
