080-OPENSSH版本的一鍵化升級

安裝包網上本身找，或者郵件我： 704816384@qq.com

#Judging the operating system version  for  redhat_release  
linuxos_version=`cat /etc/redhat-release|grep -v ^$ | head -n 1|tr -d "a-zA-Z"|awk '{print $1}'|cut -c1`



######################selinux   off##########
selinux_file="/etc/selinux/config"
selinux_close() {
cp $selinux_file $selinux_file$(date +%Y%m%d%S).bak
sed -i 's/^SELINUX=.*/SELINUX=disabled/g' $selinux_file
}
selinux_close

######################close  iptables  ##########
service iptables stop
chkconfig iptables off
sudo systemctl stop firewalld
sudo systemctl disable firewalld
sudo systemctl stop NetworkManager
sudo systemctl disable NetworkManager

###################### install dependencies  and  check  ##########
yum install gcc pam-devel zlib-devel  telnet-server* telnet  openssl-devel xinetd  -y
echo "Installation dependencies are installed successfully:"
sleep 2
rpm -qa|grep gcc
sleep 2
rpm -qa|grep pam
sleep 2
rpm -qa|grep zlib
sleep 2
rpm -qa|grep telnet
sleep 2
rpm -qa|grep openssl
rpm -qa|grep xinetd
sleep 2
echo "Please check "
sleep 3
echo "If confirmed, continue to choose the installation operation, Y - to continue the installation, N - to stop the installation"
read -n1 -p "Do you want to reboot system [Y/N]?" choess
  if [ $choess == "Y" ];then
   
######################install telnet service #########
  rpm -ivh telnet-0.17-48.el6.x86_64.rpm
  telnet_file=/etc/xinetd.d/telnet
  perl -pi -e "s/disable.*/disable = yes/g"  $telnet_file
  systemctl enable xinetd.service
  systemctl enable telnet.socket
  systemctl start telnet.socket	
  systemctl start xinetd
  service xinetd restart
  
  backup_file () {
	if [ $# == '1' ]; then
		cp $1 $1_old.bak
	fi
}
backup_file /etc/rc.local

   if [ $linuxos_version == "7" ];then 
    echo "systemctl start telnet.socket" >> /etc/rc.local
    echo "systemctl start xinetd" >> /etc/rc.local
    else
    echo "service xinetd restart" >> /etc/rc.local
   fi
########################Upgrade OPENSSH ##########
mv /etc/ssh /etc/ssh.old 
mv /etc/init.d/sshd /etc/init.d/sshd.old

#!/bin/bash
soure_file=/home/s-linuxad
touch $soure_file/test001.txt
rpm -qa | grep openssh > $soure_file/test001.txt
  for i in `cat $soure_file/test001.txt`;
do 
  rpm -e --nodeps $i 
  if [ $? -eq 0 ];then
        echo "rpm is ok"
   else
       rpm -e --noscripts $i
  fi
done

#########install openssh-7.5#############
mkdir -p /var/lib/sshd
cd $soure_file
tar -zxvf openssh-7.5p1.tar.gz 
cd openssh-7.5p1 
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords --with-pam --with-zlib --with-openssl-includes=/usr --with-privsep-path=/var/lib/sshd 
make 
make install
ssh -V

echo 'X11Forwarding yes' >> /etc/ssh/sshd_config 
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config  
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
cp -p /home/s-linuxad/openssh-7.5p1/contrib/redhat/sshd.init  /etc/init.d/sshd
chmod +x /etc/init.d/sshd 
chkconfig  --add  sshd 
chkconfig  sshd  on
chkconfig  --list  sshd 
service sshd restart
systemctl restart sshd.service
systemctl enable sshd.service


#######Check OpenSSH version and remote login service######
echo "Checking openssh version"
ssh -V
sleep 5
echo "Check the telnet port"
lsof -i:23
sleep 5
echo "If it is correct, please confirm whether to restart the operating system"
read -n1 -p "Do you want to reboot system [Y/N]?" answer
    if [ $answer == "Y" ];then
       reboot
   else
     exit 0
   fi
else
     exit 0
fi

升級完成以後，xftp 會鏈接不上，會提示 No matching outgoing encryption algorithm found