Nâng cấp phiên bản cho server linux chạy SSHD lên version mới nhất openssh-9.8p1.tar.gz
wget -c https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bk
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bk
tar -xzf openssh-9.8p1.tar.gz
cd openssh-9.8p1/
sudo apt-get install zlib1g-dev
sudo apt-get install libpam0g-dev
sudo apt-get install libselinux1-dev
sudo apt-get install build-essential
sudo apt-get install libssl-dev
sudo apt-get install libselinux1-dev
sudo ./configure --with-pam --with-selinux --with-privsep-path=/var/lib/sshd/ --sysconfdir=/etc/ssh
sudo make
sudo make install
sudo systemctl restart sshd
sshd -vChạy bằng Ansible
- hosts: all
vars:
home: '/opt/'
sshd_file: 'openssh-9.8p1.tar.gz'
download_url: 'https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/{{sshd_version}}'
download_dir: '{{ home }}'
become: yes
tasks:
# Run on Ubuntu
- name: Ensure required packages and installed and up to date apt
apt: pkg={{ item }} state=present
with_items:
- zlib1g-dev
- libpam0g-dev
- libselinux1-dev
- build-essential
- libssl-dev
- libselinux1-dev
when:
- ansible_facts['distribution'] == "Ubuntu"
# Run on CentOS
- name: Ensure required packages and installed and up to date yum
yum: pkg={{ item }} state=present
with_items:
- zlib1g-dev
- libpam0g-dev
- libselinux1-dev
- build-essential
- libssl-dev
- libselinux1-dev
when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
- name: Ensure sshd_file source downloaded
get_url: url={{ download_url }} dest={{download_dir}}/{{ sshd_file }}
- name: Extract sshd_file
command: tar -xzf {{download_dir}}/{{ sshd_file }} creates={{ curl_dir }}
- name: Build sshd_file
command: 'chdir={{ download_dir }}"{{ item }}"'
with_items:
- ./configure --with-pam --with-selinux --with-privsep-path=/var/lib/sshd/ --sysconfdir=/etc/ssh
- make
- make install
- name: restart sshd
service:
name: sshd
state: started
enabled: yes 
