Linux 升级 SSH
OpenSSH 升级简要步骤
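# Install the build dependencies plus a telnet server. Telnet serves only as
# a temporary fallback login in case sshd does not come back during the
# upgrade.
yum install -y \
  telnet-server telnet \
  gcc make automake autoconf libtool \
  zlib-devel openssl-devel pam-devel
# Manual step (not a command): edit /etc/xinetd.d/telnet and change
# "disable = yes" to "disable = no" to enable the telnet service.
# Telnet carries credentials and session data in cleartext: limit who can
# reach port 23 while it is enabled, and set "disable = yes" again (then
# restart xinetd) as soon as the upgraded sshd has been verified.
# Restart xinetd so the telnet change takes effect.
service xinetd restart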
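# Download, build and install OpenSSL, then point /usr/bin/openssl at it.
# NOTE(review): the OpenSSL 1.0.2 series is end-of-life upstream and no
# longer receives public security fixes; prefer a release that is still
# supported.
wget https://www.openssl.org/source/openssl-1.0.2l.tar.gz
# Verify the tarball before unpacking: compare the output of
#   sha256sum openssl-1.0.2l.tar.gz
# with the digest published by the OpenSSL project (<EXPECTED_SHA256>,
# placeholder), or check the detached signature.
tar zxvf openssl-1.0.2l.tar.gz
# Swap the system binary only after the build and install succeeded and the
# new binary really exists; otherwise /usr/bin/openssl would end up as a
# dangling symlink.
cd openssl-1.0.2l &&
  ./config && make && make install &&
  [ -x /usr/local/ssl/bin/openssl ] &&
  mv /usr/bin/openssl /usr/bin/openssl_v101e &&
  ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
# Should now report the newly installed version.
openssl version
cd ~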
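# Back up the whole SSH configuration directory before touching it. The copy
# contains the host private keys, so keep it readable by root only and remove
# it once it is no longer needed.
cp -rf /etc/ssh /etc/ssh.bak20170609
# The tarball is fetched over plain FTP, which offers no integrity or
# authenticity protection. Verify it before unpacking: compare
#   sha256sum openssh-7.5p1.tar.gz
# with the digest from the official OpenSSH release notes
# (<EXPECTED_SHA256>, placeholder), or check the release signature.
wget ftp://mirror.jmu.edu/pub/OpenBSD/OpenSSH/portable/openssh-7.5p1.tar.gz
tar zxvf openssh-7.5p1.tar.gz
# Build only if every previous step succeeded.
# --without-hardening was dropped: it switches off the compiler/linker
# hardening flags that configure adds by default (stack protector, PIE,
# RELRO and similar). Re-add it only if the toolchain truly cannot build
# with them.
# NOTE(review): OpenSSH removed libwrap (TCP wrappers) support in 6.7, so
# --with-tcp-wrappers is expected to be ignored by 7.5p1. Rules in
# /etc/hosts.allow and /etc/hosts.deny will then no longer filter sshd;
# move such restrictions to the firewall or to sshd_config.
cd openssh-7.5p1 &&
  ./configure \
    --prefix=/usr \
    --sysconfdir=/etc/ssh \
    --with-md5-passwords \
    --with-pam \
    --with-tcp-wrappers \
    --with-ssl-dir=/usr/local/ssl &&
  make && make install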
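# Replace the distribution init script with the one shipped in the OpenSSH
# source tree. The old script is moved aside only after confirming that the
# new one is present, so a failed cd cannot leave the host without an sshd
# init script.
cd ~/openssh-7.5p1/contrib/redhat &&
  [ -f sshd.init ] &&
  mv /etc/init.d/sshd /etc/init.d/sshd20170609 &&
  cp sshd.init /etc/init.d/sshd &&
  chmod u+x /etc/init.d/sshd &&
  chkconfig --add sshd
# Keep copies of both the client and the server configuration. The server
# file is the one overwritten below.
cp -rf /etc/ssh/ssh_config /etc/ssh/ssh_config.bak20170609
cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.bak20170609
# Install the stock sshd_config from the source tree. This discards every
# local setting (for example PermitRootLogin, PasswordAuthentication,
# AllowUsers, UsePAM); compare with the backup and re-apply the site policy
# before restarting sshd.
# When cp is aliased to "cp -i" the shell asks
#   cp: overwrite `/etc/ssh/sshd_config'?
# and the answer given in the original walkthrough is "y".
cp -p ~/openssh-7.5p1/sshd_config /etc/ssh/sshd_config
cd ~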
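# Set the server's algorithm policy in sshd_config.
# The lists below leave out the legacy algorithms that the original step
# re-enabled: RC4 (arcfour*), 3DES/Blowfish/CAST and AES in CBC mode,
# MD5-based and truncated MACs, and the 1024-bit diffie-hellman-group1-sha1
# key exchange. If an old client can no longer connect, upgrade the client;
# as a stopgap, add back only the single algorithm it needs and remove it
# again afterwards.
echo "Ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com" >> /etc/ssh/sshd_config
echo "MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,umac-128@openssh.com" >> /etc/ssh/sshd_config
echo "KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512" >> /etc/ssh/sshd_config
# Validate the configuration first: restarting with a broken sshd_config
# would cut off SSH access. Keep the current session open and confirm that
# a new login works before closing it.
/usr/sbin/sshd -t && /etc/init.d/sshd restart
# Once the new sshd is confirmed working, turn the telnet fallback off again:
# set "disable = yes" in /etc/xinetd.d/telnet and restart xinetd.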
升级常见问题
若现有 OpenSSL 版本过旧,可能不被所安装的 OpenSSH 版本支持,此时需要先升级 OpenSSL。