hpunix0openssh5.2怎么卸载unixodbc

来源:蜘蛛抓取(WebSpider) 时间:2015-09-06 08:26 标签: flyme3.5.2卸载google
升级openssh6.7和openssl1.0.1j - 下载频道
- CSDN.NET
&&&&升级openssh6.7和openssl1.0.1j
升级openssh6.7和openssl1.0.1j
个人整理并测试通过,亲测RHEL4.6,RHEL5.3,RHEL6.4,Centos6.5已成功将openssh升级到openssh6.7p1最新版,将Openssl升级到openssl1.0.1j,理论上大版本一致均可以升级,有效防止heartbleed漏洞攻击,文档中有执行脚本updatessh.sh,最后一步重启sshd已注释,以防中途出错,没有直连条件的,最好开telnet升级,以免出错导致无法远程登录。批量升级用脚本sh -x /tmp/openssh/updatessh.sh&install.log&
需要gcc和make,包中有部分rpm包,如提示缺失依赖,可从rpmfind.net搜索。
若举报审核通过,可奖励20下载分
被举报人:
举报的资源分:
请选择类型
资源无法下载
资源无法使用
标题与实际内容不符
含有危害国家安全内容
含有反动色情等内容
含广告内容
版权问题,侵犯个人或公司的版权
*详细原因:
您可能还需要
安全技术下载排行用户名:kk
访问量:1423
注册日期:
阅读量:2215
51CTO推荐博文
&最近由于绿盟不断扫到openssh漏洞,决定对HP机器进行升级,将openssh升级到最新。&查看设备ssh的版本,确实比较低有一个网站提供很详细的HP 系列安装包下载,包括&|&&|&&|&&|&这几个系列网站网址链接&/hpux/downloads.html#hpux1123我的设备是HP-UX 11.23 ia64位的,在页面上找到自己对应的平台然后下载OpenSSH&,OpenSSL&,zlib&这三个软件包下载到本地后,上传到需要升级的服务器上,可以一个一个的安装软件,但是这个比较麻烦,可以将这些软件打包安装,这样就方便多了。1.将上传的xx.sd.bz压缩文件进行解压:bash-3.2#bzip2 -d&openssh-6.6p1-11.23.sd.bzbash-3.2#bzip2 -d&openssl-1.0.1h-11.23.sd.bzbash-3.2#bzip2 -d&zlib-1.2.8-11.23.sd.bzbash-3.2#mkdir&/home/test/upload/ssh/ssh6bash-3.2#swcopy -v -s&/home/test/upload/ssh/openssl-1.0.1h-11.23.sd&openssl @&/home/test/upload/ssh/ssh6 &(标红的必须是绝对路径)bash-3.2#swcopy -v -s&/home/test/upload/ssh/zlib-1.2.8-11.23.sd&zlib @&/home/test/upload/ssh/ssh6bash-3.2#swcopy -v -s&/home/test/upload/ssh/openssh-6.6p1-11.23.sd&openssh @&/home/test/upload/ssh/ssh6将三个软件打包到ssh6文件夹中后,就可以开始安装了。开始安装之前需要做一些准备工作1.开启telnet服务,以免升级出现意外,无法连接设备-bash-3.2#vi /etc/inetd.conf 去掉配置文件中telnet前的#,然后重启进程。-bash-3.2#&-bash-3.2# ps -ef | grep ssh&& ipnet 1& 2 13:41:16 pts/2&&&& 0:00 grep ssh&& ipnet& & 0 13:33:17 ?&&&&&&&& 0:00 sshd: ipnet@pts/2&&& root& & 0 13:33:02 ?&&&&&&&& 0:00 sshd: ipnet [priv]&&& root& 9715&&&& 1& 0 13:32:45 ?&&&&&&&& 0:00 /opt/ssh/sbin/sshd-bash-3.2# kill -HUP 97152.删除之前安装的openssh openssl zlib-bash-3.2#swremove & (我这里已经安装了最新的了,如果是旧版本,先卸载,再安装最新版本)按 空格键 选中需要卸载的软件名,都选中后按Tab键,按→键移到Actions ,选中Remove删除对应的软件。最后退出&.全新安装新版openssh,openssl,zlib-bash-3.2#swinstall -s&/home/test/upload/ssh/ssh6 &(空格键依次全部选中)-bash-3.2# file /usr/local/sbin/sshd & (查看sshd软件位数版本)/usr/local/sbin/sshd:&& ELF-64 executable object file - IA64-bash-3.2# ldd /usr/local/sbin/sshd & &&&&&&&&& libcrypto.so =& /usr/local/ssl/lib/libcrypto.so&&&&&&& libz.so =&&&&&& /usr/lib/hpux64/libz.so&&&&&&& libnsl.so.1 =&& /usr/lib/hpux64/libnsl.so.1&&&&&&& libxnet.so.1 =& /usr/lib/hpux64/libxnet.so.1&&&&&&& libsec.so.1 =&& /usr/lib/hpux64/libsec.so.1&&&&&&& libc.so.1 =&&&& /usr/lib/hpux64/libc.so.1&&&&&&& libxti.so.1 =&& /usr/lib/hpux64/libxti.so.1&&&&&&& libxti.so.1 =&& /usr/lib/hpux64/libxti.so.1&&&&&&& libm.so.1 =&&&& /usr/lib/hpux64/libm.so.1&&&&&&& libdl.so.1 =&&& /usr/lib/hpux64/libdl.so.1********* &我这里是做好之后的,第一次做可能会遇到找不到libz.so的情况,这时可以做一个链接*********&-bash-3.2# ln -s /usr/local/lib/libz.so /usr/lib/hpux64/4.查看并停掉旧的ssh服务-bash-3.2# ps -ef | grep inetd & & &&&&& root & 1 15:21:27 pts/1&&&& 0:00 grep ssh&&& root 2& 0 15:08:23 ?&&&&&&&& 0:00 sshd: boco4A [priv]&&& root& 9715&&&& 1& 0 13:32:45 ?&&&&&&&& 0:00 /opt/ssh/sbin/sshd& boco4A & 0 15:08:23 ?&&&&&&&& 0:00 sshd: boco4A@pts/1-bash-3.2# kill -9 97155.移除旧的启动程序,链接新的程序&-bash-3.2#mv /opt/ssh/sbin/sshd /opt/ssh/sbin/sshd_&-bash-3.2#ln -s /usr/local/sbin/sshd /opt/ssh/sbin/sshd6.启动ssh服务-bash-3.2#/opt/ssh/sbin/sshd7.运行ssh-keygen 生成私钥和密钥&-bash-3.2#ssh-keygen -f /usr/local/etc/ssh_host_rsa_key&-bash-3.2#ssh-keygen -f /usr/local/etc/ssh_host_dsa_key&-bash-3.2#ssh-keygen -f /usr/local/etc/ssh_host_ecdsa_key8.查看ssh版本&&-bash-3.2#sshd -version9.关闭telnet服务,此处省略。&本文出自 “” 博客,请务必保留此出处
了这篇文章
类别:┆阅读(0)┆评论(0)Wed Aug 12 08:29:20 CST 2015
OpenSSH 7.0 发布,主要修复验证漏洞和其它一些安全方面的 bug,更新内容如下: -------- &*&sshd(8):&OpenSSH&6.8&and&6.9&incorrectly&set&TTYs&to&be&world- &&&writable.&Local&attackers&may&be&able&to&write&arbitrary&messages &&&to&logged-in&users,&including&terminal&escape&sequences. &&&Reported&by&Nikolay&Edigaryev. &*&sshd(8):&Portable&OpenSSH&only:&Fixed&a&privilege&separation &&&weakness&related&to&PAM&support.&Attackers&who&could&successfully &&&compromise&the&pre-authentication&process&for&remote&code &&&execution&and&who&had&valid&credentials&on&the&host&could &&&impersonate&other&users.&&Reported&by&Moritz&Jodeit. &*&sshd(8):&Portable&OpenSSH&only:&Fixed&a&use-after-free&bug &&&related&to&PAM&support&that&was&reachable&by&attackers&who&could &&&compromise&the&pre-authentication&process&for&remote&code &&&execution.&Also&reported&by&Moritz&Jodeit. &*&sshd(8):&fix&circumvention&of&MaxAuthTries&using&keyboard- &&&interactive&authentication.&By&specifying&a&long,&repeating &&&keyboard-interactive&&devices&&string,&an&attacker&could&request &&&the&same&authentication&method&be&tried&thousands&of&times&in &&&a&single&pass.&The&LoginGraceTime&timeout&in&sshd(8)&and&any &&&authentication&failure&delays&implemented&by&the&authentication &&&mechanism&itself&were&still&applied.&Found&by&Kingcope. &&& -------------------------------- &*&Support&for&the&legacy&SSH&version&1&protocol&is&disabled&by &&&default&at&compile&time. &*&Support&for&the&1024-bit&diffie-hellman-group1-sha1&key&exchange &&&is&disabled&by&default&at&run-time.&It&may&be&re-enabled&using &&&the&instructions&at&/legacy.html &*&Support&for&ssh-dss,&ssh-dss-cert-*&host&and&user&keys&is&disabled &&&by&default&at&run-time.&These&may&be&re-enabled&using&the &&&instructions&at&/legacy.html &*&Support&for&the&legacy&v00&cert&format&has&been&removed. &*&The&default&for&the&sshd_config(5)&PermitRootLogin&option&has &&&changed&from&&yes&&to&&prohibit-password&. &*&PermitRootLogin=without-password/prohibit-password&now&bans&all &&&interactive&authentication&methods,&allowing&only&public-key, &&&hostbased&and&GSSAPI&authentication&(previously&it&permitted &&&keyboard-interactive&and&password-less&authentication&if&those &&&were&enabled). ------------ &*&ssh_config(5):&add&PubkeyAcceptedKeyTypes&option&to&control&which &&&public&key&types&are&available&for&user&authentication. &*&sshd_config(5):&add&HostKeyAlgorithms&option&to&control&which &&&public&key&types&are&offered&for&host&authentications. &*&ssh(1),&sshd(8):&extend&Ciphers,&MACs,&KexAlgorithms, &&&HostKeyAlgorithms,&PubkeyAcceptedKeyTypes&and&HostbasedKeyTypes &&&options&to&allow&appending&to&the&default&set&of&algorithms &&&instead&of&replacing&it.&Options&may&now&be&prefixed&with&a&'+' &&&to&append&to&the&default,&e.g.&&HostKeyAlgorithms=+ssh-dss&. &*&sshd_config(5):&PermitRootLogin&now&accepts&an&argument&of &&&'prohibit-password'&as&a&less-ambiguous&synonym&of&'without- &&&password'. -------- &*&ssh(1),&sshd(8):&add&compatability&workarounds&for&Cisco&and&more &&&PuTTY&versions.&bz#2424 &*&Fix&some&omissions&and&errors&in&the&PROTOCOL&and&PROTOCOL.mux &&&documentation&relating&to&Unix&domain&socket& &&&bz#2421&bz#2422 &*&ssh(1):&Improve&the&ssh(1)&manual&page&to&include&a&better &&&description&of&Unix&domain&socket&&bz#2423 &*&ssh(1),&ssh-agent(1):&skip&uninitialised&PKCS#11&slots,&fixing &&&failures&to&load&keys&when&they&are&present.&bz#2427 &*&ssh(1),&ssh-agent(1):&do&not&ignore&PKCS#11&hosted&keys&that&wth &&&empty&CKA_ID;&bz#2429 &*&sshd(8):&clarify&documentation&for&UseDNS&&bz#2045
更多内容请查看:发行说明
OpenSSH(Open Secure Shell)是使用SSH透过计算机网络加密通讯的实现。它是取代由SSH Communications Security所提供的商用版本的开放源代码方案。目前OpenSSH是OpenBSD的子计划。
OpenSSH常常被误认以为与OpenSSL有关联,但实际上这两个计划的有不同的目的,不同的发展团队,名称相近只是因为两者有同样的软件发展目标──提供开放源代码的加密通讯软件。
除非注明,
&文章均为原创,转载请以链接形式标明本文地址
本文地址:

我要回帖

更多关于 flyme3.5.2卸载google 的文章

 

随机推荐