Centos7 upgrade openssl-1.1.1s and openssh-9.1p1 (with script)

The main reason is that there was a vulnerability in openssl last month, so the server needs to be upgraded. It is recommended not to upgrade if there is no problem. The main steps are 2, and the script content also contains only the upgrade. 1 and 3 are to enable and disable telnet, it is not recommended to use telnet.

1 Install and start telnet

In fact, I did not use telnet, and there is a certain risk in opening it.
It is recommended to create an instance test of the server snapshot first, and you can open a few more ssh remote connections, so the general problem is not big.

1.1 Install xinetd/telnet-server/vsftpd
yum -y install xinetd
yum -y install telnet-server
yum -y install vsftpd
1.2 Modify the configuration file vim /etc/xinetd.d/telnet and change disable = yes to disable = no
flags = REUSE
socket_type = stream        
wait = no
user = root
server = /usr/sbin/in.telnetd
log_on_failure += USERID
#disable = yes
disable = no
1.3 Start and set up auto-start
service xinetd restart
service vsftpd restart
systemctl start telnet.socket && systemctl enable telnet.socket
1.4 If there is a firewall, you need to release port 23 (Aliyun release)
firewall-cmd --zone=public --add-port=23/tcp --permanent
1.5 When using telnet to connect to the server, root login is not allowed by default. You need to create a user and grant sudo permission (if you already have a user and have sudo permission, you can skip it)
# Add a user and set a password (centos7 is the user name, password ruijie123, > can be modified)
useradd centos7
echo ruijie123 | passwd --stdin centos7
# Increase the sudo permission of the centos7 account
# Add the configuration in the configuration file /etc/sudoers, but the file does not have write permission by default, so you need to increase the write permission first
chmod u+w /etc/sudoers
vi /etc/sudoers
centos7 ALL=(ALL) ALL
1.6 Use the telnet command in the terminal under windows to test the connection (port 23 by default)
telnet ip address 23

2 Execute openssh and openssl compilation update

Be sure to open a few more ssh remote connections! ! ! ! ! ! Prevent accidental disconnection in the middle! ! ! ! ! !

2.1 Put the script file and the three downloaded compressed packages in the opt directory (just the same directory), execute the script, and complete the installation

Make the script file, the script file is in 4, just download the other three compressed packages by yourself, or don’t download it, the script will be downloaded automatically.

sh upopenssh.sh

If the upgrade fails, back up the configuration, directly use yum to reinstall the built-in ssh, and confirm the configuration.

Confirm that it is automatically started at boot
chkconfig --list sshd
# sshd 0: off 1: off 2: on 3: on 4: on 5: on 6: off 

3 Close telnet, delete it after the openssh test is normal (if using telnet, be sure to close it)

3.1 Close telnet and firewall port 23
service xinetd stop && service vsftpd stop
systemctl stop telnet.socket && systemctl disable telnet.socket
firewall-cmd --remove-port=23/tcp  --permanent 
##### 3.2 Uninstall telnet
rpm -e telnet-server
3.3 If there is no configured user before, it is not required (not necessary)
# delete users
userdel -r centos7
# Edit the sudo configuration file and remove the corresponding configuration section
vi /etc/sudoers
# Restore the permissions of the sudo configuration file
chmod u-w /etc/sudoers

4 upopenssh.sh script

Note that openssl 3.0 cannot be used here, the dependencies required by 3.0 are different, and an error will be reported; all 1.x versions should be available.
There is a backup process, and the upgrade and compilation process will be restored if it fails. However, the restoration effect has only been tested manually without actual verification. I have succeeded.
The ssh configuration is reserved, and you need to modify it yourself in some places.

script source Detailed upgrade steps of the latest version of Linux OpenSSH-9.0p1 (with script)
I made my own modifications, mainly to retain the configuration and add some handling of failed operations.

#!/bin/bash
#
#########################################################
# Function :openssh-9.1p1 and openssl 1.1.1s update     #
# Platform :Centos7.X                                   #
# Version  :1.0                                         #
# Date     :2022-12-12                                  #     
#########################################################
echo ------------------------------------------
echo  openssh-9.1p1 and openssl 1.1.1s update
echo ------------------------------------------
sleep 2
clear
export LANG="en_US.UTF-8"

#Version number (currently latest)
zlib_version="zlib-1.2.13"
openssl_version="openssl-1.1.1s"
openssh_version="openssh-9.1p1"

#Installation package address
file="/opt"

#default compilation path
default="/usr/local" 
date_time=`date +%Y-%m-%d—%H:%M`

#installation manual
file_install="$file/openssh_install"
file_backup="$file/openssh_backup"
file_log="$file/openssh_log"

#Source package link
zlib_download="https://www.zlib.net/$zlib_version.tar.gz"
openssl_download="https://www.openssl.org/source/$openssl_version.tar.gz"
openssh_download="https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/$openssh_version.tar.gz"


Install_make() {
	echo The installation process begins
	sleep 1s
	clear
	Check if user is root
	if [ $(id -u) != "0" ];then
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e " The current user is a normal user,must use root user run,script exiting......" "\033[31m Error\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 3
		exit
	 fi

	# Check telnet server is enable
	# systemctl restart telnet.socket &&  systemctl restart xinetd
	# ps -ef |grep xinetd | egrep -v grep > /dev/null
	# if [ $? -eq 0 ];then
	# 	echo detected that the telnet service has started...
	# 	systemctl enable telnet.socket
	# 	systemctl enable xinetd
	# 	echo $(date +%F-%T) telnet service detected and started... >> update.log
	# 	sleep 2
	# else
	# 	echo -e "Please run the script after starting the telnet service (to prevent update failure), the script is exiting..." "\033[31m Error\033[0m"
	# 	sleep 3
	# 	exit
	# fi

	#Determine whether to install wget
	echo -e "\033[33m Installing Wget...... \033[0m"
	sleep 2
	echo ""
		if ! type wget >/dev/null 2>&1;then
			yum install -y wget
		else
			echo -e "\033[33m--------------------------------------------------------------- \033[0m"
			echo -e " wget already installed:" "\033[32m Please continue\033[0m"
			echo -e "\033[33m--------------------------------------------------------------- \033[0m"
			echo ""
		fi

	#Determine whether to install tar
	echo -e "\033[33m Installing TAR...... \033[0m"
	sleep 2
	echo ""
		if ! type tar >/dev/null 2>&1;then
			yum install -y tar
		else
			echo ""
			echo -e "\033[33m--------------------------------------------------------------- \033[0m"
				echo -e " tar already installed:" "\033[32m Please continue\033[0m"
			echo -e "\033[33m--------------------------------------------------------------- \033[0m"
			echo ""
		fi

	#Install related dependencies
	echo -e "\033[33m Installing dependencies...... \033[0m"
	sleep 3
	echo ""
		yum -y install gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel zlib-devel tcp_wrappers-devel tcp_wrappers
		if [ $? -eq 0 ];then
			echo ""
			echo -e "\033[33m--------------------------------------------------------------- \033[0m"
				echo -e " Successfully installed software dependencies " "\033[32m Success\033[0m"
			echo -e "\033[33m--------------------------------------------------------------- \033[0m"
			else
			echo -e "\033[33m--------------------------------------------------------------- \033[0m"
				echo -e " Failed to decompress the source package, the script is exiting......" "\033[31m Error\033[0m"
			echo -e "\033[33m--------------------------------------------------------------- \033[0m"
			echo ""
			sleep 4
			exit
		fi
}


Install_backup() {
	#Create file (can be modified)
	mkdir -p $file_install
	mkdir -p $file_backup
	mkdir -p $file_log
	mkdir -p $file_backup/zlib
	mkdir -p $file_backup/ssl
	mkdir -p $file_backup/ssh
	mkdir -p $file_log/zlib
	mkdir -p $file_log/ssl
	mkdir -p $file_log/ssh

	#Backup file (can be modified)
	cp -rf /usr/bin/openssl  $file_backup/ssl/openssl_$date_time.bak > /dev/null
	cp -rf /usr/include/openssl /usr/include/openssl.bak //This scene does not exist
	cp -rf /etc/ssh  $file_backup/ssh/ssh_$date_time.bak > /dev/null
	cp -rf /etc/pam.d/sshd.pam  $file_backup/ssh/sshd_$date_time.pam.bak > /dev/null
	cp -rf /etc/init.d/sshd  $file_backup/ssh/sshd_$date_time.bak > /dev/null
	cp -rf /usr/lib/systemd/system/sshd.service  $file_backup/ssh/sshd_$date_time.service.bak > /dev/null
}

Install_tar() {
	#Download the source package, check whether it is decompressed (can be modified)
	#	if [ -e $file/$zlib_version.tar.gz ] && [ -e $file/$openssl_version.tar.gz ] && [ -e /$file/$openssh_version.tar.gz ];then
	#		echo -e "Download software source package already exists" "\033[32m Please continue\033[0m"
	#	else
	#		echo -e "\033[33m No local source package found, the link is being checked and obtained...........\033[0m "
	#	echo ""
	#	cd $file
	#	wget --no-check-certificate  $zlib_download
	#	wget --no-check-certificate  $openssl_download
	#	wget --no-check-certificate  $openssh_download
	#	echo ""
	#	fi
	#zlib
	echo -e "\033[33m downloading Zlib package...... \033[0m"
	sleep 3
	echo ""
	if [ -e $file/$zlib_version.tar.gz ];then
		echo -e " Zlib package already exists  " "\033[32m  Please continue\033[0m"
	else
		echo -e "\033[33m Not found zlib local source package,Link checking is getting........... \033[0m "
		sleep 1
		echo ""
		cd $file
		wget --no-check-certificate  $zlib_download
		echo ""
	fi
	#openssl
	echo -e "\033[33m downloading Openssl package...... \033[0m"
	sleep 3
	echo ""
	if  [ -e $file/$openssl_version.tar.gz ];then
		echo -e " Openssl package already exists  " "\033[32m  Please continue\033[0m"
	else
		echo -e "\033[33m Not found openssl local source package,Link checking is getting........... \033[0m "
		echo ""
		sleep 1
		cd $file
		wget --no-check-certificate  $openssl_download
		echo ""
	fi
	#openssh
	echo -e "\033[33m downloading Openssh package...... \033[0m"
	sleep 3
	echo ""
	if [ -e /$file/$openssh_version.tar.gz ];then
		echo -e " Openssh package already exists  " "\033[32m  Please continue\033[0m"
	else
		echo -e "\033[33m Not found openssh local source package,Link checking is getting........... \033[0m "
		echo ""
		sleep 1
		cd $file
		wget --no-check-certificate  $openssh_download
	fi
}

echo ""
#install zlib
Install_zlib() {
	echo -e "\033[33m 1.1-unpacking Zlib package...... \033[0m"
	sleep 3
	echo ""
	cd $file && mkdir -p $file_install && tar -xzf zlib*.tar.gz -C $file_install > /dev/null
	if [ -d $file_install/$zilb_version ];then
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e "  zilb Unzip the source package successfully" "\033[32m Success\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
	else
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e "  zilb Failed to decompress the source package,script exiting......" "\033[31m Error\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 4
		exit
	fi
	echo -e "\033[33m 1.2-Compiling and installing Zlib Serve.............. \033[0m"
	sleep 3
	echo ""
	cd $file_install/zlib*
	./configure --prefix=$default/$zlib_version > $file_log/zlib/zlib_configure_$date_time.txt  #> /dev/null 2>&1
	if [ $? -eq 0 ];then
		echo -e "\033[33m make... \033[0m"
			make > /dev/null 2>&1
		echo $?
		echo -e "\033[33m make test... \033[0m"
			make test > /dev/null 2>&1
		echo $?
		echo -e "\033[33m make install... \033[0m"
			make install > /dev/null 2>&1
		echo $?
	else
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e "  Compiling and installing the compressed library failed, and the script is exiting..." "\033[31m Error\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 4
		exit
	fi

	if [ -e $default/$zlib_version/lib/libz.so ];then
		sed -i '/zlib/'d /etc/ld.so.conf
		echo "$default/$zlib_version/lib" >> /etc/ld.so.conf
		echo "$default/$zlib_version/lib" >> /etc/ld.so.conf.d/zlib.conf
		ldconfig -v > $file_log/zlib/zlib_ldconfig_$date_tim
		/sbin/ldconfig
	fi
}

echo ""
Install_openssl() {
	echo -e "\033[33m 2.1-unpacking Openssl...... \033[0m"
	sleep 3
	echo ""
	cd $file  &&  tar -xvzf openssl*.tar.gz -C $file_install > /dev/null
	if [ -d $file_install/$openssl_version ];then
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e "  OpenSSL Unzip the source package successfully" "\033[32m Success\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
	else
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e "  OpenSSL Failed to decompress the source package,script exiting......" "\033[31m Error\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 4
		exit
	fi
		echo ""
		echo -e "\033[33m 2.2-Compiling and installing Openssl Serve...... \033[0m"
		sleep 3
		echo ""
		cd $file_install/$openssl_version
		./config shared zlib --prefix=$default/$openssl_version >  $file_log/ssl/ssl_config_$date_time.txt  #> /dev/null 2>&1
	if [ $? -eq 0 ];then
		echo -e "\033[33m make clean... \033[0m"
			make clean > /dev/null 2>&1
		echo $?
		echo -e "\033[33m make install... \033[0m"
			make install > /dev/null 2>&1
		echo $?
	else
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e "  Compile and install OpenSSL fail,script exiting..." "\033[31m Error\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 4
		exit
	fi

	mv /usr/bin/openssl /usr/bin/openssl_$date_time.bak #backup first
	mv /usr/include/openssl /usr/include/openssl_$date_time.bak #some do not exist
	if [ -e $default/$openssl_version/bin/openssl ];then
		sed -i '/openssl/'d /etc/ld.so.conf
		echo "$default/$openssl_version/lib" >> /etc/ld.so.conf
		ln -s $default/$openssl_version/bin/openssl /usr/bin/openssl
		ln -s $default/$openssl_version/lib/libssl.so.1.1 /usr/lib64/libssl.so.1.1
		ln -s $default/$openssl_version/lib/libcrypto.so.1.1 /usr/lib64/libcrypto.so.1.1
		ldconfig -v > $file_log/ssl/ssl_ldconfig_$date_time.txt > /dev/null 2>&1
		/sbin/ldconfig
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e " Compile and install OpenSSL " "\033[32m Success\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		echo -e "\033[33m 2.3-exporting OpenSSL version status.............. \033[0m"
		sleep 3
		echo ""
		echo -e "\033[32m====================== OpenSSL veriosn =====================  \033[0m"
		echo ""
		openssl version -a
		echo ""
		echo -e "\033[32m=======================================================  \033[0m"
		sleep 2
	else
		echo ""
		echo -e "\033[33m 2.3.1-restoring OpenSSL middle...... \033[0m"
		rm -rf /usr/bin/openssl
		mv /usr/bin/openssl_$date_time.bak /usr/bin/openssl
		rm -rf /usr/include/openssl
		mv /usr/include/openssl_$date_time.bak /usr/include/openssl
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e " Restored successfully " "\033[32m Success\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		echo -e "\033[32m====================== OpenSSL veriosn =====================  \033[0m"
		openssl version
		echo ""
		sleep 3
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e " OpenSSL soft link failed,script exiting..." "\033[31m  Error\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 4
		exit
	fi
}

echo ""
Install_openssh() {
	echo -e "\033[33m 3.1-unpacking OpenSSH...... \033[0m"
	sleep 3
	echo ""
	cd $file && tar -xvzf openssh*.tar.gz -C $file_install > /dev/null
	if [ -d $file_install/$openssh_version ];then
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e "  OpenSSh Unzip the source package successfully" "\033[32m Success\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
	else
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e "  OpenSSh Failed to decompress the source package,script exiting......" "\033[31m Error\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 4
	exit
	fi
	cp -rf /etc/ssh /etc/ssh_$date_time.bak #When cp is installed, the original configuration will not be overwritten
	echo ""
	echo -e "\033[33m 3.2-uninstalling OpenSSH Serve...... \033[0m"
	sleep 3
	echo ""
	rpm -e --nodeps `rpm -qa | grep openssh`> /dev/null 2>&1
	if [ $? -eq 0 ];then
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e " uninstall OpenSSH service success" "\033[32m Success\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 2
	else
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e "  uninstall OpenSSH service failed,script exiting......" "\033[31m Error\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 4
	exit
	fi
	echo ""
	echo -e "\033[33m 3.3-Compiling and installing OpenSSH Serve...... \033[0m"
	sleep 3
	echo ""
	cd $file_install/$openssh_version
	./configure --prefix=$default/$openssh_version --sysconfdir=/etc/ssh --with-ssl-dir=$default/$openssl_version --with-zlib=$default/$zlib_version >  $file_log/ssh/ssh_configure_$date_time.txt   #> /dev/null 2>&1
	if [ $? -eq 0 ];then
		echo -e "\033[33m make clean... \033[0m"
			make clean > /dev/null 2>&1
		echo $?
		echo -e "\033[33m make install... \033[0m"
			make install > /dev/null 2>&1
		echo $?
	else
		echo ""
		echo -e "\033[33m 3.3.1-reinstalling OpenSSH middle...... \033[0m"
		yum -y install openssh openssh-clients openssh-server
		# restore configuration
		rm -rf /etc/ssh
		mv /etc/ssh_$date_time.bak /etc/ssh
		# Modify key permissions
		chmod 600 /etc/ssh/ssh_host_rsa_key
		chmod 600 /etc/ssh/ssh_host_dsa_key
		chmod 600 /etc/ssh/ssh_host_ecdsa_key
		chmod 600 /etc/ssh/ssh_host_ed25519_key
		# start up
		systemctl start sshd
		echo ""
		echo -e "\033[33m output sshd service status: \033[33m"
		systemctl status sshd.service
		echo ""
		echo -e " reinstall openssh Version Information:  "
		echo ""
		ssh -V
		sleep 1
		echo ""
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e " Successfully reinstalled,Please confirm the configuration and then restart ssh! " "\033[32m Success\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 3
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e " Compile and install OpenSSH fail,script exiting......" "\033[31m Error\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 4
		exit
	fi
		
	echo ""
	echo -e "\033[33m--------------------------------------------------------------- \033[0m"
	echo -e " Compile and install OpenSSH " "\033[32m Success\033[0m"
	echo -e "\033[33m--------------------------------------------------------------- \033[0m"
	echo ""
	sleep 2
	echo -e "\033[32m==================== OpenSSH—file veriosn =================== \033[0m"
	echo ""
	/usr/local/$openssh_version/bin/ssh -V
	echo ""
	echo -e "\033[32m======================================================= \033[0m"
	sleep 3
	echo ""
	echo -e "\033[33m 3.4-migrating OpenSSH configuration file...... \033[0m"
	sleep 3
	echo ""
	# restore configuration
	rm -rf /etc/ssh
	mv /etc/ssh_$date_time.bak /etc/ssh
	#migrate sshd
	if [ -f  "/etc/init.d/sshd" ];then
		mv /etc/init.d/sshd /etc/init.d/sshd_$date_time.bak
	else
		echo -e " /etc/init.d/sshd does not exist " "\033[31m Not backed up(Ignorable)\033[0m"
	fi
	cp -rf $file_install/$openssh_version/contrib/redhat/sshd.init /etc/init.d/sshd;
	chmod u+x /etc/init.d/sshd;
	chkconfig --add sshd      #self-start
	chkconfig --list |grep sshd;
	chkconfig sshd on

	#Backup startup script, not necessarily
	if [ -f  "/usr/lib/systemd/system/sshd.service" ];then
		mv /usr/lib/systemd/system/sshd.service /usr/lib/systemd/system/sshd.service_bak
	else
		echo -e " sshd.service does not exist" "\033[31m Not backed up(Ignorable)\033[0m"
	fi
	#backup copy sshd.pam file
	if [ -f "/etc/pam.d/sshd.pam" ];then
		mv /etc/pam.d/sshd.pam /etc/pam.d/sshd.pam_$date_time.bak 
	else
		echo -e " sshd.pam does not exist" "\033[31m Not backed up(Ignorable)\033[0m"
	fi
	cp -rf $file_install/$openssh_version/contrib/redhat/sshd.pam /etc/pam.d/sshd.pam

	#restore configuration ssh_config	
	# cp -rf $file_install/$openssh_version/sshd_config /etc/ssh/sshd_config
	sed -i 's/Subsystem/#Subsystem/g' /etc/ssh/sshd_config
	echo "Subsystem sftp $default/$openssh_version/libexec/sftp-server" >> /etc/ssh/sshd_config
	# sed -i 's/#PasswordAuthentication\ yes/PasswordAuthentication\ yes/g' /etc/ssh/sshd_config
	cp -rf $default/$openssh_version/sbin/sshd /usr/sbin/sshd
	cp -rf /$default/$openssh_version/bin/ssh /usr/bin/ssh
	cp -rf $default/$openssh_version/bin/ssh-keygen /usr/bin/ssh-keygen
	#grep -v "[[:space:]]*#" /etc/ssh/sshd_config  |grep "PubkeyAuthentication yes"
	# echo 'PermitRootLogin no' >> /etc/ssh/sshd_config

	# Modify the permissions of the key
	chmod 600 /etc/ssh/ssh_host_rsa_key
	chmod 600 /etc/ssh/ssh_host_dsa_key
	chmod 600 /etc/ssh/ssh_host_ecdsa_key
	chmod 600 /etc/ssh/ssh_host_ed25519_key

	#restart sshd
	service sshd start > /dev/null 2>&1
	if [ $? -eq 0 ];then
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e " start up OpenSSH service success" "\033[32m Success\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo ""
		sleep 2
		#Delete the source package (can be modified)
		# rm -rf $file/*$zlib_version.tar.gz
		# rm -rf $file/*$openssl_version.tar.gz
		# rm -rf $file/*$openssh_version.tar.gz
		#rm -rf $file_install
		echo -e "\033[33m 3.5-exporting OpenSSH Version...... \033[0m"
		sleep 3
		echo ""
		echo -e "\033[32m==================== OpenSSH veriosn =================== \033[0m"
		echo ""
		ssh -V
		echo ""
		echo -e "\033[32m======================================================== \033[0m"
	else
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		echo -e " start up OpenSSH service failed,script exiting......" "\033[31m Error\033[0m"
		echo -e "\033[33m--------------------------------------------------------------- \033[0m"
		sleep 4
		exit
	fi
	echo ""
}

End_install() {
	##sshd status
	echo ""
	echo -e "\033[33m output sshd service status: \033[33m"
	sleep 2
	echo ""
	systemctl status sshd.service
	echo ""
	echo ""
	echo ""
	sleep 1
		
	echo -e "\033[33m==================== OpenSSH file =================== \033[0m"
	echo ""
	echo -e " current openssh Version Information:  "
	echo ""
	ssh -V
	echo ""
	echo -e " current openssl Version Information:  "
	echo ""
	openssl version
	echo ""
	echo -e " Openssh Upgrade backup directory:  " 
	cd  $file_backup && pwd
	cd ~
	echo ""
	echo -e " Please go to the upgrade log directory:  "
	cd  $file_log && pwd
	cd ~
	echo ""
	echo -e "\033[33m======================================================= \033[0m"
}


Install_make
Install_backup
Install_tar
Install_zlib
Install_openssl
Install_openssh
End_install

Tags: Linux Operation & Maintenance server

Posted by Tranquilraven on Mon, 19 Dec 2022 19:51:50 +0300