CentOS7 OpenSSL升级1.1.1t;OpenSSH 升级 9.8p1 保姆级教程
1.下载OpenSSL
# 下载OpenSSL 1.1.1
cd /tmp
wget https://www.openssl.org/source/openssl-1.1.1t.tar.gz
tar -xzf openssl-1.1.1t.tar.gz
cd openssl-1.1.1t# 配置、编译、安装
./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl shared zlib
make -j$(nproc)
sudo make install# 更新系统库路径
echo "/usr/local/openssl/lib" | sudo tee /etc/ld.so.conf.d/openssl.conf
sudo ldconfig# 验证版本
/usr/local/openssl/bin/openssl version2.下载OpenSSH
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz
tar -zxvf openssh-9.8p1.tar.gz
cd openssh-9.8p1
sudo ./configure --with-ssl-dir=/usr/local/openssl && make && sudo make install3.出现问题的话可能会显示
checking OpenSSL library version... configure: error: OpenSSL >= 1.1.1 required (have "100020bf (OpenSSL 1.0.2k-fips 26 Jan 2017)")
需要修改环境变量,因为有可能还是以前的老版本,只需要在编译openssh的时候添加源码路径即可
vi ~/.bashrc
# 方法一:通过环境变量指定
export PATH="/usr/local/openssl/bin:$PATH"
export LD_LIBRARY_PATH="/usr/local/openssl/lib:$LD_LIBRARY_PATH"
export CPPFLAGS="-I/usr/local/openssl/include"
export LDFLAGS="-L/usr/local/openssl/lib"# 方法二:直接传递参数
./configure --with-ssl-dir=/usr/local/openssl # 源码安装路径
./configure --with-ssl-dir=/usr/local # 包管理器安装路径