Centos7 离线升级openssh到9.3p1

tar zxvf /root/zlib-1.2.13.tar.gz
tar zxvf /root/openssl-1.1.1u.tar.gz
tar zxvf /root/openssh-9.3p1.tar.gz

cd zlib-1.2.13
 
./configure --prefix=/usr/local/zlib
 
 
make && make install
 
echo '/usr/local/zlib/lib' >> /etc/ld.so.conf  
ldconfig -v

cd  openssl-1.1.1u 
 
./config --prefix=/usr/local/ssl -d shared
 
make && make install   （时间比较长，切勿打断）
 
echo '/usr/local/ssl/lib' >> /etc/ld.so.conf
ldconfig -v

cd openssh-9.3p1
 
./configure --prefix=/usr/local/openssh --with-zlib=/usr/local/zlib --with-ssl-dir=/usr/local/ssl
 
make && make install

echo 'PermitRootLogin yes' >>/usr/local/openssh/etc/sshd_config
 
echo 'PubkeyAuthentication yes' >>/usr/local/openssh/etc/sshd_config
 
echo 'PasswordAuthentication yes' >>/usr/local/openssh/etc/sshd_config
 
mv /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
 
cp /usr/local/openssh/etc/sshd_config /etc/ssh/sshd_config
 
mv /usr/sbin/sshd /usr/sbin/sshd.bak
 
cp /usr/local/openssh/sbin/sshd /usr/sbin/sshd
 
mv /usr/bin/ssh /usr/bin/ssh.bak
 
cp /usr/local/openssh/bin/ssh /usr/bin/ssh
 
mv /usr/bin/ssh-keygen /usr/bin/ssh-keygen.bak
 
cp /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
 
mv /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub.bak
 
cp /usr/local/openssh/etc/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub
 
cp -p contrib/redhat/sshd.init /etc/init.d/sshd
 
chmod +x /etc/init.d/sshd
 
chkconfig --add sshd
 
chkconfig sshd on
 
chmod 600 /etc/ssh/ssh_host_rsa_key
 
chmod 600 /etc/ssh/ssh_host_ecdsa_key
 
chown -R root.root /var/empty/sshd
 
chmod 744 /var/empty/sshd

rpm -qa | grep openssh
根据上面查询出的结果，卸载系统里原有Openssh（一般有三个包，全部卸载）
rpm -e --nodeps  xxxxxxxxxx
rpm -e --nodeps openssh-server-7.4p1-21.el7.x86_64
rpm -e --nodeps openssh-7.4p1-21.el7.x86_64
rpm -e --nodeps openssh-clients-7.4p1-21.el7.x86_64
卸载完成后执行rpm -qa | grep openssh，确保没有回显
rpm -qa | grep openssh

重启sshd服务
systemctl restart sshd

验证ssh版本
ssh -V