sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config setenforce 0 service iptables stop chkconfig iptables off yum -y install gcc gcc-c++ telnet-server* pam-devel zlib-devel openssl openssl-devel vi /etc/xinetd.d/telnet
mv /etc/securetty /etc/securetty.old service xinetd start chkconfig xinetd on telnet [ip]
cd /home/ishangsoft wget http://down.i.my71.com/openssh-7.4p1.tar.gz tar -zxvf openssh-7.4p1.tar.gz cd /home/ishangsoft/openssh-7.4p1 make clean ldconfig ./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-pam --with-md5-passwords --mandir=/usr/share/man make && make install /etc/init.d/sshd stop \cp -f /home/ishangsoft/openssh-7.4p1/contrib/redhat/sshd.init /etc/init.d/sshd chmod u+x /etc/init.d/sshd chkconfig --add sshd \cp -f /usr/local/openssh/sbin/sshd /usr/sbin/sshd \cp -f /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen vi /etc/ssh/sshd_config
##去掉前面的注释,允许root通过ssh登录
PermitRootLogin yes
##注释掉下面三个参数
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
#UsePAM yes
末尾添加如下信息:
Ciphers aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc,arcfour128,arcfour256,arcfour,blowfish-cbc,cast128-cbc MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,curve25519-sha256@libssh.org
service sshd start mv /etc/securetty.old /etc/securetty chkconfig xinetd off service xinetd stop service iptables start chkconfig iptables on # 查看版本 openssl version -a
参考:http://www.zhimengzhe.com/linux/333932.html
没有帐号? 立即注册