Centos 7.6(1810) 打包Openssh8.1p1
环境
[root@localhost frp_s]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
前提是能联网!
一、创建路径
mkdir -p /root/rpmbuild/SOURCES/
二、下载关键源码包
wget https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.1p1.tar.gz
如果下载失败,直接在web下载:
https://src.fedoraproject.org/repo/pkgs/openssh/openssh-8.1p1.tar.gz/sha512/b987ea4ffd4ab0c94110723860273b06ed8ffb4d21cbd99ca144a4722dc55f4bf86f6253d500386b6bee7af50f066e2aa2dd095d50746509a10e11221d39d925/
下面这个也是必须要下载的:
wget https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz
这两个下载完后拷贝到SOURCES目录:
cp x11-ssh-askpass-1.2.4.1.tar.gz SOURCES/
cp openssh-8.1p1.tar.gz SOURCES/
三、制作准备
yum install rpm-build zlib-devel openssl-devel gcc perl-devel pam-devel unziptar -zxf openssh-8.1p1.tar.gzcp ./openssh-8.1p1/contrib/redhat/openssh.spec .sed -i -e "s/%define no_x11_askpass 0/%define no_x11_askpass 1/g" openssh.specsed -i -e "s/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g" openssh.spec
四、开始制作rpm包
rpmbuild -ba openssh.spec
如果出现 错误:构建依赖失败: openssl-devel < 1.1 被 ?? 需要 解决方法:
vi openssh.spec 注释掉 BuildRequires: openssl-devel < 1.1 这一行
打包完成后信息:
处理文件:openssh-server-8.1p1-1.el7.x86_64Provides: config(openssh-server) = 8.1p1-1.el7 openssh-server = 8.1p1-1.el7 openssh-server(x86-64) = 8.1p1-1.el7Requires(interp): /bin/sh /bin/sh /bin/sh /bin/sh /bin/shRequires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib (PayloadFilesHavePrefix) <= 4.0-1Requires(pre): /bin/shRequires(post): /bin/shRequires(preun): /bin/shRequires(postun): /bin/shRequires: /bin/bash libc.so.6()(64bit) libc.so.6 (GLIBC_2.14)(64bit) libc.so.6(GLIBC_2.16)(64bit) libc.so.6(GLIBC_2.17)(64bit) libc.so.6(GLIBC_2.2.5) (64bit) libc.so.6(GLIBC_2.3)(64bit) libc.so.6 (GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.4)(64bit) libc.so.6(GLIBC_2.6)(64bit) libc.so.6(GLIBC_2.8)(64bit) libcom_err.so.2()(64bit) libcrypt.so.1()(64bit) libcrypt.so.1(GLIBC_2.2.5)(64bit) libcrypto.so.10() (64bit) libcrypto.so.10(OPENSSL_1.0.1_EC)(64bit) libcrypto.so.10(OPENSSL_1.0.2)(64bit) libcrypto.so.10 (libcrypto.so.10)(64bit) libdl.so.2()(64bit) libgssapi_krb5.so.2()(64bit) libgssapi_krb5.so.2 (gssapi_krb5_2_MIT)(64bit) libk5crypto.so.3()(64bit) libkrb5.so.3()(64bit) libkrb5.so.3(krb5_3_MIT)(64bit) libpam.so.0()(64bit) libpam.so.0(LIBPAM_1.0)(64bit) libresolv.so.2()(64bit) libutil.so.1()(64bit) libutil.so.1(GLIBC_2.2.5)(64bit) libz.so.1()(64bit) rtld (GNU_HASH)Obsoletes: ssh-server处理文件:openssh-debuginfo-8.1p1-1.el7.x86_64Provides: openssh-debuginfo = 8.1p1-1.el7 openssh-debuginfo(x86-64) = 8.1p1-1.el7Requires(rpmlib): rpmlib(FileDigests) <= 4.6.0-1 rpmlib (PayloadFilesHavePrefix) <= 4.0-1 rpmlib (CompressedFileNames) <= 3.0.4-1检查未打包文件:/usr/lib/rpm/check-files /root/rpmbuild/ BUILDROOT/openssh-8.1p1-1.el7.x86_64写道:/root/rpmbuild/SRPMS/openssh-8.1p1-1.el7.src.rpm写道:/root/rpmbuild/RPMS/x86_64/ openssh-8.1p1-1.el7.x86_64.rpm写道:/root/rpmbuild/RPMS/x86_64/ openssh-clients-8.1p1-1.el7.x86_64.rpm写道:/root/rpmbuild/RPMS/x86_64/ openssh-server-8.1p1-1.el7.x86_64.rpm写道:/root/rpmbuild/RPMS/x86_64/ openssh-debuginfo-8.1p1-1.el7.x86_64.rpm执行(%clean): /bin/sh -e /var/tmp/rpm-tmp.0dMET2+ umask 022+ cd /root/rpmbuild/BUILD+ cd openssh-8.1p1+ rm -rf /root/rpmbuild/BUILDROOT/ openssh-8.1p1-1.el7.x86_64+ exit 0
五、进入打包后的文件路径
cd /root/rpmbuild/RPMS/x86_64/
六、开始安装
将所有rpm包拷贝到安装设备上
yum install ./openssh-* -y
注意:安装完毕后:
密码正确却无法登录解决方法:
①修改 /etc/pam.d/sshd 文件
vi /etc/pam.d/sshd
修改后
[root@localhost x86_64]# cat /etc/pam.d/sshd
#%PAM-1.0
auth required pam_sepermit.so
auth include password-auth
account required pam_nologin.so
account include password-auth
password include password-auth
##pam_selinux.so close should be the first session rulesession required pam_selinux.so close
session required pam_loginuid.so
##pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session optional pam_keyinit.so force revoke
session include password-auth
②修改 /etc/ssh/sshd_config配置
vi /etc/ssh/sshd_configPermitRootLogin yes #允许root帐号远程登录PasswordAuthentication yes #开启密码认证方式UsePAM yes #开启UsePAM登录
七、修改key的权限
chmod 400 /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key
八、重启sshd服务
systemctl restart sshd
九、最终效果
[root@localhost x86_64]# ssh -VOpenSSH_8.1p1, OpenSSL 1.0.2k-fips 26 Jan 2017
十、参考链接
https://blog.csdn.net/keke0107/article/details/118149188
https://adbin.github.io/linux/centos/7/openssh/rpm/2019/12/06/centos7.6-build-openssh8.1p1-rpm.html
说明:此文章融合了两个链接,直接按步骤操作即可成功!