# -----openssl安装

yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel

yum install -y pam* zlib*

tar xfz openssl-1.1.1k.tar.gz

chown -R root.root openssl-1.1.1k

cd openssl-1.1.1k/

mv /usr/bin/openssl /usr/bin/openssl_bak

mv /usr/include/openssl /usr/include/openssl_bak

./config --prefix=/usr/local/openssl  --此处不能是解压包的地址，安装目录与解压目录不能相同 ，负责会报/include/openssl/aes.h' and '/usr/local/openssl/include/openssl/aes.h' are the same file

make && make install

ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl

ln -s /usr/local/openssl/include/openssl /usr/include/openssl

echo "/usr/local/openssl/lib" >> /etc/ld.so.conf

ldconfig

openssl version -v

#openssh升级

1.安装依赖包 yum install gcc zlib-devel pam-devel liselinux-devev (pam-devel 一定要装)

2.下载安装包 openssh-8.6p1

3.tar -zxvf openssh-8.6p1

4.cd openssh-8.6p1

5. ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-tcp-wrappers --with-ssl-dir=/usr/local/openssl --without-hardening  (--with-tcp-wrappers 可能会提示警告 不用管)

6.make && make install

7.vi /etc/ssh/sshd_config

修改两个地方

PermitRootlogin yes

PasswordAuthentication yes

8 systemctl restart sshd 堡垒机应该会断掉一下

9 systemctl status sshd

10 ssh -V