制作OpenSSH 9.6 for openEuler 22.03 LTS的rpm升级包_openeuler升级openssh9.6-程序员宅基地
OpenSSH作为操作系统底层管理平台软件,需要保持更新以免遭受安全攻击,编译生成rpm包是生产环境中批量升级的最佳途径。本文在国产openEuler 22.03 LTS系统上完成OpenSSH 9.6的编译工作。
一、编译环境
1、准备环境
基于vmware workstation发布的x86虚拟机,最小化安装了openEuler 22.03 LTS,版本信息如下:
[root@localhost ~]# cat /etc/os-release
NAME="openEuler"
VERSION="22.03 LTS"
ID="openEuler"
VERSION_ID="22.03"
PRETTY_NAME="openEuler 22.03 LTS"
ANSI_COLOR="0;31"
[root@localhost ~]# rpm -qa|grep openssh
openssh-8.8p1-2.oe2203.x86_64
openssh-server-8.8p1-2.oe2203.x86_64
openssh-clients-8.8p1-2.oe2203.x86_64
[root@localhost ~]# ssh -V
OpenSSH_8.8p1, OpenSSL 1.1.1m 14 Dec 2021
[root@localhost ~]# sshd -V
unknown option -- V
OpenSSH_8.8p1, OpenSSL 1.1.1m 14 Dec 2021
usage: sshd [-46DdeiqTt] [-C connection_spec] [-c host_cert_file]
[-E log_file] [-f config_file] [-g login_grace_time]
[-h host_key_file] [-o option] [-p port] [-u len]
[root@localhost SPECS]# openssl
OpenSSL> version
OpenSSL 1.1.1m 14 Dec 2021
OpenSSL> exit2、修改系统源为阿里源
[root@localhost ~]# cp /etc/yum.repos.d/openEuler.repo{,.bak}
[root@localhost ~]# sed -i "s/repo.openeuler.org/mirrors.aliyun.com\/openeuler/g" /etc/yum.repos.d/openEuler.repo
[root@localhost ~]# cat /etc/yum.repos.d/openEuler.repo
#generic-repos is licensed under the Mulan PSL v2.
#You can use this software according to the terms and conditions of the Mulan PSL v2.
#You may obtain a copy of Mulan PSL v2 at:
# http://license.coscl.org.cn/MulanPSL2
#THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
#IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
#PURPOSE.
#See the Mulan PSL v2 for more details.
[OS]
name=OS
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler
[everything]
name=everything
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/everything/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/everything/$basearch/RPM-GPG-KEY-openEuler
[EPOL]
name=EPOL
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/EPOL/main/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler
[debuginfo]
name=debuginfo
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/debuginfo/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/debuginfo/$basearch/RPM-GPG-KEY-openEuler
[source]
name=source
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/source/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/source/RPM-GPG-KEY-openEuler
[update]
name=update
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/update/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler
[root@localhost ~]# yum install tree -y3、准备编译所需目录
[root@localhost ~]# cd ~
[root@localhost ~]# mkdir -p rpmbuild/{SOURCES,SPECS}
[root@localhost ~]# tree
.
├── anaconda-ks.cfg
└── rpmbuild
├── SOURCES
└── SPECS
3 directories, 1 file4、准备源码包
4.1、源包版本
官网地址 当前版本
- SHA1 (openssh-9.6.tar.gz) = a6d4cb69811e879e2f158c2e597fd9f444b26506 - SHA256 (openssh-9.6.tar.gz) = nejPUhSnG1R1sOmIBi/t+HMNvsRqfN/DJgjwIU2tvqg= - SHA1 (openssh-9.6p1.tar.gz) = de300d09ec79fdbf37de4e6672cce4161439f2c3 - SHA256 (openssh-9.6p1.tar.gz) = kQIRwHJVqMWtZUORtA7lmABxDdgRndU2LeCThap6d3w=
附加程序:
x11-ssh-askpass-1.2.4.1
openssl-1.1.1v
4.2、下载实作
[root@localhost ~]# cd rpmbuild/SOURCES/
[root@localhost SOURCES]# wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.6p1.tar.gz --no-check-certificat
--2023-06-05 15:51:44-- https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.6p1.tar.gz
正在解析主机 cdn.openbsd.org (cdn.openbsd.org)... 146.75.115.52, 2a04:4e42:f::820
正在连接 cdn.openbsd.org (cdn.openbsd.org)|146.75.115.52|:443... 已连接。
警告: “cdn.openbsd.org” 的证书不可信。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:1857862 (1.8M) [application/octet-stream]
正在保存至: “openssh-9.6p1.tar.gz”
openssh-9.6p1.tar.gz 100%[=========================================================================>] 1.77M 1.28MB/s 用时 1.4s
2023-06-05 15:51:47 (1.28 MB/s) - 已保存 “openssh-9.6p1.tar.gz” [1857862/1857862])
[root@localhost SOURCES]# wget https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz --no-check-certificat
--2023-06-05 15:52:32-- https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz
正在解析主机 src.fedoraproject.org (src.fedoraproject.org)... 38.145.60.20, 38.145.60.21
正在连接 src.fedoraproject.org (src.fedoraproject.org)|38.145.60.20|:443... 已连接。
警告: “src.fedoraproject.org” 的证书不可信。
警告: “src.fedoraproject.org” 的证书还未生效。
证书还未激活
已发出 HTTP 请求,正在等待回应... 200 OK
长度:29229 (29K) [application/x-gzip]
正在保存至: “x11-ssh-askpass-1.2.4.1.tar.gz”
x11-ssh-askpass-1.2.4.1.tar.gz 100%[=========================================================================>] 28.54K 106KB/s 用时 0.3s
2023-06-05 15:52:33 (106 KB/s) - 已保存 “x11-ssh-askpass-1.2.4.1.tar.gz” [29229/29229])
[root@localhost SOURCES]# wget https://www.openssl.org/source/openssl-1.1.1v.tar.gz --no-check-certificate
--2023-06-05 15:52:54-- https://www.openssl.org/source/openssl-1.1.1v.tar.gz
正在解析主机 www.openssl.org (www.openssl.org)... 34.36.58.177, 2600:1901:0:1812::
正在连接 www.openssl.org (www.openssl.org)|34.36.58.177|:443... 已连接。
警告: “www.openssl.org” 的证书不可信。
警告: “www.openssl.org” 的证书还未生效。
证书还未激活
已发出 HTTP 请求,正在等待回应... 200 OK
长度:9893443 (9.4M) [application/x-tar]
正在保存至: “openssl-1.1.1v.tar.gz”
openssl-1.1.1v.tar.gz 100%[=========================================================================>] 9.43M 930KB/s 用时 10s
2023-06-05 15:53:05 (963 KB/s) - 已保存 “openssl-1.1.1v.tar.gz” [9893443/9893443])
[root@localhost SOURCES]# vi sshd.pam.oe2203
[root@localhost SOURCES]# cat sshd.pam.oe2203
#%PAM-1.0
auth substack password-auth
auth include postlogin
account required pam_sepermit.so
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session optional pam_motd.so
session include password-auth
session include postlogin
[root@localhost SOURCES]# ll
总用量 12M
-rw-r--r--. 1 root root 1.8M 12月 18 2023 openssh-9.6p1.tar.gz
-rw-r--r--. 1 root root 727 6月 5 15:54 sshd.pam.oe2203
-rw-r--r--. 1 root root 29K 6月 26 2004 x11-ssh-askpass-1.2.4.1.tar.gz
-rw-r--r--. 1 root root 9.5M 1月 22 2024 openssl-1.1.1v.tar.gz5、安装编译所需软件包
[root@localhost SOURCES]# cd ../SPECS
[root@localhost SPECS]# yum install rpm-build zlib-devel openssl-devel gcc perl-devel pam-devel -y
Last metadata expiration check: 0:20:36 ago on 2023年06月05日 星期一 15时36分30秒.
Package gcc-10.3.1-10.oe2203.x86_64 is already installed.
Package perl-devel-4:5.34.0-3.oe2203.x86_64 is already installed.
Dependencies resolved.
=========================================================================================================================================================
Package Architecture Version Repository Size
=========================================================================================================================================================
Installing:
openssl-devel x86_64 1:1.1.1m-24.oe2203 update 1.8 M
pam-devel x86_64 1.5.2-7.oe2203 update 23 k
rpm-build x86_64 4.17.0-32.oe2203 update 69 k
zlib-devel x86_64 1.2.11-24.oe2203 update 90 k
Upgrading:
cpp x86_64 10.3.1-19.oe2203 update 9.0 M
gcc x86_64 10.3.1-19.oe2203 update 29 M
libgcc x86_64 10.3.1-19.oe2203 update 74 k
libgomp x86_64 10.3.1-19.oe2203 update 229 k
openssl x86_64 1:1.1.1m-24.oe2203 update 445 k
openssl-libs x86_64 1:1.1.1m-24.oe2203 update 1.4 M
pam x86_64 1.5.2-7.oe2203 update 439 k
perl x86_64 4:5.34.0-12.oe2203 update 3.2 M
perl-devel x86_64 4:5.34.0-12.oe2203 update 2.1 M
perl-libs x86_64 4:5.34.0-12.oe2203 update 1.7 M
python3-rpm x86_64 4.17.0-32.oe2203 update 79 k
rpm x86_64 4.17.0-32.oe2203 update 492 k
rpm-libs x86_64 4.17.0-32.oe2203 update 366 k
zlib x86_64 1.2.11-24.oe2203 update 88 k
Installing dependencies:
babeltrace x86_64 1.5.8-2.oe2203 OS 205 k
debugedit x86_64 5.0-2.oe2203 OS 74 k
dwz x86_64 0.14-3.oe2203 OS 119 k
e2fsprogs-devel x86_64 1.46.4-7.oe2203 OS 287 k
gdb-headless x86_64 11.1-7.oe2203 update 3.5 M
gmp-c++ x86_64 1:6.2.1-1.oe2203 OS 17 k
gmp-devel x86_64 1:6.2.1-1.oe2203 OS 449 k
isl x86_64 0.16.1-12.oe2203 update 799 k
isl-devel x86_64 0.16.1-12.oe2203 update 518 k
keyutils-libs-devel x86_64 1.6.3-3.oe2203 OS 12 k
krb5-devel x86_64 1.19.2-2.oe2203 OS 164 k
libipt x86_64 2.0.4-1.oe2203 OS 51 k
libselinux-devel x86_64 3.3-1.oe2203 OS 102 k
libsepol-devel x86_64 3.3-2.oe2203 OS 362 k
libverto-devel x86_64 0.3.2-1.oe2203 OS 17 k
patch x86_64 2.7.6-12.oe2203 OS 123 k
pcre2-devel x86_64 10.39-1.oe2203 OS 501 k
Transaction Summary
=========================================================================================================================================================
Install 21 Packages
Upgrade 14 Packages
Total download size: 57 M
Downloading Packages:
...
Upgraded:
cpp-10.3.1-19.oe2203.x86_64 gcc-10.3.1-19.oe2203.x86_64 libgcc-10.3.1-19.oe2203.x86_64 libgomp-10.3.1-19.oe2203.x86_64
openssl-1:1.1.1m-24.oe2203.x86_64 openssl-libs-1:1.1.1m-24.oe2203.x86_64 pam-1.5.2-7.oe2203.x86_64 perl-4:5.34.0-12.oe2203.x86_64
perl-devel-4:5.34.0-12.oe2203.x86_64 perl-libs-4:5.34.0-12.oe2203.x86_64 python3-rpm-4.17.0-32.oe2203.x86_64 rpm-4.17.0-32.oe2203.x86_64
rpm-libs-4.17.0-32.oe2203.x86_64 zlib-1.2.11-24.oe2203.x86_64
Installed:
babeltrace-1.5.8-2.oe2203.x86_64 debugedit-5.0-2.oe2203.x86_64 dwz-0.14-3.oe2203.x86_64
e2fsprogs-devel-1.46.4-7.oe2203.x86_64 gdb-headless-11.1-7.oe2203.x86_64 gmp-c++-1:6.2.1-1.oe2203.x86_64
gmp-devel-1:6.2.1-1.oe2203.x86_64 isl-0.16.1-12.oe2203.x86_64 isl-devel-0.16.1-12.oe2203.x86_64
keyutils-libs-devel-1.6.3-3.oe2203.x86_64 krb5-devel-1.19.2-2.oe2203.x86_64 libipt-2.0.4-1.oe2203.x86_64
libselinux-devel-3.3-1.oe2203.x86_64 libsepol-devel-3.3-2.oe2203.x86_64 libverto-devel-0.3.2-1.oe2203.x86_64
openssl-devel-1:1.1.1m-24.oe2203.x86_64 pam-devel-1.5.2-7.oe2203.x86_64 patch-2.7.6-12.oe2203.x86_64
pcre2-devel-10.39-1.oe2203.x86_64 rpm-build-4.17.0-32.oe2203.x86_64 zlib-devel-1.2.11-24.oe2203.x86_64
Complete!
[root@localhost SPECS]#6、 编写spec文件
[root@localhost SPECS]# vi /root/rpmbuild/SPECS/openssh.spec
[root@localhost SPECS]# cat openssh.spec
%{?!opensslver: %global opensslver 1.1.1v}
%{?!opensshver: %global opensshver 9.6p1}
%define static_openssl 1
# wheather to build openssl
%global no_build_openssl 0
#if defined openssl_dir, don't build it
%{?openssl_dir:%global no_build_openssl 1}
%global ver %{?opensshver}
%global rel %{?opensshpkgrel}%{?dist}oe2203
# OpenSSH privilege separation requires a user & group ID
%global sshd_uid 74
%global sshd_gid 74
# Version of ssh-askpass
%global aversion 1.2.4.1
# Do we want to disable building of x11-askpass? (1=yes 0=no)
%global no_x11_askpass 1
# Do we want to disable building of gnome-askpass? (1=yes 0=no)
%global no_gnome_askpass 1
# Do we want to link against a static libcrypto? (1=yes 0=no)
%global static_libcrypto 0
# Do we want smartcard support (1=yes 0=no)
%global scard 0
# Use GTK2 instead of GNOME in gnome-ssh-askpass
%global gtk2 1
# Use build6x options for older RHEL builds
# RHEL 7 not yet supported
%if 0%{?rhel} > 6
%global build6x 0
%else
%global build6x 0
%endif
# Do we want kerberos5 support (1=yes 0=no)
%global kerberos5 1
# Reserve options to override askpass settings with:
# rpm -ba|--rebuild --define 'skip_xxx 1'
%{?skip_x11_askpass:%global no_x11_askpass 1}
%{?skip_gnome_askpass:%global no_gnome_askpass 1}
# Add option to build without GTK2 for older platforms with only GTK+.
# RedHat <= 7.2 and Red Hat Advanced Server 2.1 are examples.
# rpm -ba|--rebuild --define 'no_gtk2 1'
%{?no_gtk2:%global gtk2 0}
# Is this a build for RHL 6.x or earlier?
%{?build_6x:%global build6x 1}
# If this is RHL 6.x, the default configuration has sysconfdir in /usr/etc.
%if %{build6x}
%global _sysconfdir /etc
%endif
# Options for static OpenSSL link:
# rpm -ba|--rebuild --define "static_openssl 1"
%{?static_openssl:%global static_libcrypto 1}
# Options for Smartcard support: (needs libsectok and openssl-engine)
# rpm -ba|--rebuild --define "smartcard 1"
%{?smartcard:%global scard 1}
# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no)
%global rescue 0
%{?build_rescue:%global rescue 1}
# Turn off some stuff for resuce builds
%if %{rescue}
%global kerberos5 0
%endif
Summary: The OpenSSH implementation of SSH protocol version 2.
Name: openssh
Version: %{ver}
%if %{rescue}
Release: %{rel}rescue
%else
Release: %{rel}
%endif
URL: https://www.openssh.com/portable.html
Source0: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
Source1: http://www.jmknoble.net/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
Source2: sshd.pam.oe2203
%if ! %{no_build_openssl}
Source3: https://www.openssl.org/source/openssl-%{opensslver}.tar.gz
%endif
License: BSD
Group: Applications/Internet
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
Obsoletes: ssh
%if %{build6x}
PreReq: initscripts >= 5.00
%else
Requires: initscripts >= 5.20
%endif
BuildRequires: perl
BuildRequires: /bin/login
%if ! %{build6x}
BuildRequires: glibc-devel, pam
%else
BuildRequires: /usr/include/security/pam_appl.h
%endif
%if ! %{no_x11_askpass}
BuildRequires: /usr/include/X11/Xlib.h
# Xt development tools
BuildRequires: libXt-devel
# Provides xmkmf
BuildRequires: imake
# Rely on relatively recent gtk
%if %{gtk2}
BuildRequires: gtk2-devel
%endif
%endif
%if ! %{no_gnome_askpass}
BuildRequires: pkgconfig
%endif
%if %{kerberos5}
BuildRequires: krb5-devel
BuildRequires: krb5-libs
%endif
%package clients
Summary: OpenSSH clients.
Requires: openssh = %{version}-%{release}
Group: Applications/Internet
Obsoletes: ssh-clients
%package server
Summary: The OpenSSH server daemon.
Group: System Environment/Daemons
Obsoletes: ssh-server
Requires: openssh = %{version}-%{release}, chkconfig >= 0.9
%if ! %{build6x}
Requires: /etc/pam.d/system-auth
%endif
%package askpass
Summary: A passphrase dialog for OpenSSH and X.
Group: Applications/Internet
Requires: openssh = %{version}-%{release}
Obsoletes: ssh-extras
%package askpass-gnome
Summary: A passphrase dialog for OpenSSH, X, and GNOME.
Group: Applications/Internet
Requires: openssh = %{version}-%{release}
Obsoletes: ssh-extras
%description
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features, as well as removing
all patented algorithms to separate libraries.
This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.
%description clients
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package includes
the clients necessary to make encrypted connections to SSH servers.
You'll also need to install the openssh package on OpenSSH clients.
%description server
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
the secure shell daemon (sshd). The sshd daemon allows SSH clients to
securely connect to your SSH server. You also need to have the openssh
package installed.
%description askpass
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
an X11 passphrase dialog for OpenSSH.
%description askpass-gnome
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
an X11 passphrase dialog for OpenSSH and the GNOME GUI desktop
environment.
%prep
%if ! %{no_x11_askpass}
%setup -q -a 1
%else
%setup -q
%endif
%if ! %{no_build_openssl}
%define openssl_dir %{_builddir}/%{name}-%{version}/openssl
mkdir -p openssl
tar xfz %{SOURCE3} --strip-components=1 -C openssl
pushd openssl
./config shared zlib -fPIC
make %{?_smp_mflags}
popd
%endif
%build
%if %{rescue}
CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
%endif
export LD_LIBRARY_PATH="%{openssl_dir}"
%configure \
--sysconfdir=%{_sysconfdir}/ssh \
--libexecdir=%{_libexecdir}/openssh \
--datadir=%{_datadir}/openssh \
--with-default-path=/usr/local/bin:/bin:/usr/bin \
--with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
--with-privsep-path=%{_var}/empty/sshd \
--with-md5-passwords \
--mandir=%{_mandir} \
--with-mantype=man \
--disable-strip \
--with-ssl-dir="%{openssl_dir}" \
%if %{scard}
--with-smartcard \
%endif
%if %{rescue}
--without-pam \
%else
--with-pam \
%endif
%if %{kerberos5}
--with-kerberos5=$K5DIR \
%endif
%if %{static_libcrypto}
#perl -pi -e "s|-lcrypto|%{_libdir}/libcrypto.a|g" Makefile
perl -pi -e "s|-lcrypto|%{openssl_dir}/libcrypto.a -lpthread|g" Makefile
%endif
make %{?_smp_mflags}
%if ! %{no_x11_askpass}
pushd x11-ssh-askpass-%{aversion}
%configure --libexecdir=%{_libexecdir}/openssh
xmkmf -a
make -j
popd
%endif
# Define a variable to toggle gnome1/gtk2 building. This is necessary
# because RPM doesn't handle nested %if statements.
%if %{gtk2}
gtk2=yes
%else
gtk2=no
%endif
%if ! %{no_gnome_askpass}
pushd contrib
if [ $gtk2 = yes ] ; then
make gnome-ssh-askpass2
mv gnome-ssh-askpass2 gnome-ssh-askpass
else
make gnome-ssh-askpass1
mv gnome-ssh-askpass1 gnome-ssh-askpass
fi
popd
%endif
%install
rm -rf $RPM_BUILD_ROOT
mkdir -p -m755 $RPM_BUILD_ROOT%{_sysconfdir}/ssh
mkdir -p -m755 $RPM_BUILD_ROOT%{_libexecdir}/openssh
mkdir -p -m755 $RPM_BUILD_ROOT%{_var}/empty/sshd
make install DESTDIR=$RPM_BUILD_ROOT
echo -e 'PubkeyAcceptedAlgorithms +ssh-rsa\nUsePAM yes\nPermitRootLogin yes\nUseDNS no' >> $RPM_BUILD_ROOT/etc/ssh/sshd_config
install -d $RPM_BUILD_ROOT/etc/pam.d/
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/bin/ssh-copy-id
install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd
install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
%if ! %{no_x11_askpass}
install x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass
ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass
%endif
%if ! %{no_gnome_askpass}
install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass
%endif
%if ! %{scard}
rm -f $RPM_BUILD_ROOT/usr/share/openssh/Ssh.bin
%endif
%if ! %{no_gnome_askpass}
install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
install -m 755 contrib/redhat/gnome-ssh-askpass.csh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
install -m 755 contrib/redhat/gnome-ssh-askpass.sh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
%endif
perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/*
%clean
rm -rf $RPM_BUILD_ROOT
%triggerun server -- ssh-server
if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; then
touch /var/run/sshd.restart
fi
%triggerun server -- openssh-server < 2.5.0p1
# Count the number of HostKey and HostDsaKey statements we have.
gawk 'BEGIN {IGNORECASE=1}
/^hostkey/ || /^hostdsakey/ {sawhostkey = sawhostkey + 1}
END {exit sawhostkey}' /etc/ssh/sshd_config
# And if we only found one, we know the client was relying on the old default
# behavior, which loaded the the SSH2 DSA host key when HostDsaKey wasn't
# specified. Now that HostKey is used for both SSH1 and SSH2 keys, specifying
# one nullifies the default, which would have loaded both.
if [ $? -eq 1 ] ; then
echo HostKey /etc/ssh/ssh_host_rsa_key >> /etc/ssh/sshd_config
echo HostKey /etc/ssh/ssh_host_dsa_key >> /etc/ssh/sshd_config
fi
%triggerpostun server -- ssh-server
if [ "$1" != 0 ] ; then
/sbin/chkconfig --add sshd
if test -f /var/run/sshd.restart ; then
rm -f /var/run/sshd.restart
/sbin/service sshd start > /dev/null 2>&1 || :
fi
fi
%pre server
%{_sbindir}/groupadd -r -g %{sshd_gid} sshd 2>/dev/null || :
%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
-g sshd -M -r sshd 2>/dev/null || :
%post server
/sbin/chkconfig --add sshd
%postun server
/sbin/service sshd condrestart > /dev/null 2>&1 || :
%preun server
if [ "$1" = 0 ]
then
/sbin/service sshd stop > /dev/null 2>&1 || :
/sbin/chkconfig --del sshd
fi
%files
%defattr(-,root,root)
%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* PROTOCOL* TODO
%attr(0755,root,root) %{_bindir}/scp
%attr(0644,root,root) %{_mandir}/man1/scp.1*
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
%if ! %{rescue}
%attr(0755,root,root) %{_bindir}/ssh-keygen
%attr(0755,root,root) %{_bindir}/ssh-copy-id
%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
%attr(0755,root,root) %dir %{_libexecdir}/openssh
%attr(4711,root,root) %{_libexecdir}/openssh/ssh-keysign
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-pkcs11-helper
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-sk-helper
%attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8*
%attr(0644,root,root) %{_mandir}/man8/ssh-pkcs11-helper.8*
%attr(0644,root,root) %{_mandir}/man8/ssh-sk-helper.8*
%endif
%if %{scard}
%attr(0755,root,root) %dir %{_datadir}/openssh
%attr(0644,root,root) %{_datadir}/openssh/Ssh.bin
%endif
%files clients
%defattr(-,root,root)
%attr(0755,root,root) %{_bindir}/ssh
%attr(0644,root,root) %{_mandir}/man1/ssh.1*
%attr(0644,root,root) %{_mandir}/man5/ssh_config.5*
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
%if ! %{rescue}
%attr(2755,root,nobody) %{_bindir}/ssh-agent
%attr(0755,root,root) %{_bindir}/ssh-add
%attr(0755,root,root) %{_bindir}/ssh-keyscan
%attr(0755,root,root) %{_bindir}/sftp
%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
%attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
%attr(0644,root,root) %{_mandir}/man1/sftp.1*
%endif
%if ! %{rescue}
%files server
%defattr(-,root,root)
%dir %attr(0111,root,root) %{_var}/empty/sshd
%attr(0755,root,root) %{_sbindir}/sshd
%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
%attr(0644,root,root) %{_mandir}/man8/sshd.8*
%attr(0644,root,root) %{_mandir}/man5/moduli.5*
%attr(0644,root,root) %{_mandir}/man5/sshd_config.5*
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
%endif
%if ! %{no_x11_askpass}
%files askpass
%defattr(-,root,root)
%doc x11-ssh-askpass-%{aversion}/README
%doc x11-ssh-askpass-%{aversion}/ChangeLog
%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
%{_libexecdir}/openssh/ssh-askpass
%attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass
%endif
%if ! %{no_gnome_askpass}
%files askpass-gnome
%defattr(-,root,root)
%attr(0755,root,root) %config %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
%endif7、查看当前文件情况
[root@localhost SPECS]# cd /root/rpmbuild && tree
.
├── SOURCES
│ ├── openssh-9.6p1.tar.gz
│ ├── openssl-1.1.1v.tar.gz
│ ├── sshd.pam.oe2203
│ └── x11-ssh-askpass-1.2.4.1.tar.gz
└── SPECS
└── openssh.spec
2 directories, 5 files二、编译rpm
1、编译
[root@localhost SPECS]# rpmbuild -bb openssh.spec
...
**************************************************
*** ***
*** Please run the same make command again ***
*** ***
**************************************************
make: *** [Makefile:688: configdata.pm] Error 1
错误:/var/tmp/rpm-tmp.nswfUe (%prep) 退出状态不好
...2、提示报错
提示报错 "make: *** [Makefile:688: configdata.pm] Error 1",系因时间不正确所致,修正时间:
[root@localhost SPECS]# date
2023年 06月 05日 星期一 15:02:45 CST
[root@localhost SPECS]# ntpdate -u ntp1.aliyun.com
29 Jan 17:02:23 ntpdate[10034]: step time server 120.25.115.20 offset +20570147.938882 sec
[root@localhost SPECS]# date
2024年 01月 29日 星期一 17:03:09 CST3、再次编译
[root@localhost SPECS]# rpmbuild -bb openssh.spec
警告:行 100:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh
警告:行 136:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-clients
警告:行 141:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-server
警告:行 151:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-extras
警告:行 157:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-extras
正在执行(%prep):/bin/sh -e /var/tmp/rpm-tmp.4HNFWt
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd /root/rpmbuild/BUILD
+ rm -rf openssh-9.6p1
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/openssh-9.6p1.tar.gz
+ /usr/bin/tar -xof -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd openssh-9.6p1
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ mkdir -p openssl
+ tar xfz /root/rpmbuild/SOURCES/openssl-1.1.1v.tar.gz --strip-components=1 -C openssl
+ pushd openssl
~/rpmbuild/BUILD/openssh-9.6p1/openssl ~/rpmbuild/BUILD/openssh-9.6p1
+ ./config shared zlib -fPIC
Operating system: x86_64-whatever-linux2
Configuring OpenSSL version 1.1.1v (0x1010116fL) for linux-x86_64
Using os-specific seed configuration
Creating configdata.pm
Creating Makefile
**********************************************************************
*** ***
*** OpenSSL has been successfully configured ***
*** ***
*** If you encounter a problem while building, please open an ***
*** issue on GitHub <https://github.com/openssl/openssl/issues> ***
*** and include the output from the following command: ***
*** ***
*** perl configdata.pm --dump ***
*** ***
*** (If you are new to OpenSSL, you might want to consult the ***
*** 'Troubleshooting' section in the INSTALL file first) ***
*** ***
**********************************************************************
+ make -j2
/usr/bin/perl "-I." -Mconfigdata "util/dofile.pl" \
"-oMakefile" include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "util/dofile.pl" \
"-oMakefile" include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
...
处理文件:openssh-server-9.6p1-oe2203.x86_64
Provides: config(openssh-server) = 9.6p1-oe2203 openssh-server = 9.6p1-oe2203 openssh-server(x86-64) = 9.6p1-oe2203
Requires(interp): /bin/sh /bin/sh /bin/sh /bin/sh /bin/sh
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Requires(pre): /bin/sh
Requires(post): /bin/sh
Requires(preun): /bin/sh
Requires(postun): /bin/sh
Requires: /bin/bash libc.so.6()(64bit) libc.so.6(GLIBC_2.14)(64bit) libc.so.6(GLIBC_2.16)(64bit) libc.so.6(GLIBC_2.17)(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.25)(64bit) libc.so.6(GLIBC_2.26)(64bit) libc.so.6(GLIBC_2.3)(64bit) libc.so.6(GLIBC_2.3.2)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.33)(64bit) libc.so.6(GLIBC_2.34)(64bit) libc.so.6(GLIBC_2.4)(64bit) libc.so.6(GLIBC_2.6)(64bit) libc.so.6(GLIBC_2.7)(64bit) libc.so.6(GLIBC_2.8)(64bit) libcom_err.so.2()(64bit) libcrypt.so.1()(64bit) libcrypt.so.1(XCRYPT_2.0)(64bit) libgssapi_krb5.so.2()(64bit) libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit) libk5crypto.so.3()(64bit) libkrb5.so.3()(64bit) libkrb5.so.3(krb5_3_MIT)(64bit) libpam.so.0()(64bit) libpam.so.0(LIBPAM_1.0)(64bit) libz.so.1()(64bit) rtld(GNU_HASH)
Obsoletes: ssh-server
处理文件:openssh-debuginfo-9.6p1-oe2203.x86_64
Provides: openssh-debuginfo = 9.6p1-oe2203 openssh-debuginfo(x86-64) = 9.6p1-oe2203
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Recommends: openssh-debugsource(x86-64) = 9.6p1-oe2203
处理文件:openssh-debugsource-9.6p1-oe2203.x86_64
Provides: openssh-debugsource = 9.6p1-oe2203 openssh-debugsource(x86-64) = 9.6p1-oe2203
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
检查未打包文件:/usr/lib/rpm/check-files /root/rpmbuild/BUILDROOT/openssh-9.6p1-oe2203.x86_64
已写至:/root/rpmbuild/RPMS/x86_64/openssh-debuginfo-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-server-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-debugsource-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-clients-9.6p1-oe2203.x86_64.rpm
正在执行(%clean):/bin/sh -e /var/tmp/rpm-tmp.2ymafB
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-9.6p1
+ rm -rf /root/rpmbuild/BUILDROOT/openssh-9.6p1-oe2203.x86_64
+ RPM_EC=0
++ jobs -p
+ exit 0
[root@localhost SPECS]# 4、保存最终文件
[root@localhost SPECS]# cd /opt
[root@localhost opt]# mkdir openssh-9.6p1-oe2203
[root@localhost opt]# cd openssh-9.6p1-oe2203/
[root@localhost openssh-9.6p1-oe2203]# cp /root/rpmbuild/RPMS/x86_64/*.rpm .
[root@localhost openssh-9.6p1-oe2203]# ll
总用量 16M
-rw-r--r--. 1 root root 4.7M 1月 29 17:25 openssh-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 4.9M 1月 29 17:25 openssh-clients-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 4.0M 1月 29 17:25 openssh-debuginfo-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 786K 1月 29 17:25 openssh-debugsource-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 1.5M 1月 29 17:25 openssh-server-9.6p1-oe2203.x86_64.rpm三、升级测试
1、更新程序
[root@localhost openssh-9.6p1-oe2203]# yum update *
OS 14 kB/s | 3.8 kB 00:00
everything 13 kB/s | 3.8 kB 00:00
EPOL 11 kB/s | 3.0 kB 00:00
debuginfo 27 kB/s | 3.8 kB 00:00
source 20 kB/s | 3.8 kB 00:00
update 8.5 kB/s | 3.5 kB 00:00
Package openssh-debuginfo not installed, cannot update it.
No match for argument: openssh-debuginfo-9.6p1-oe2203.x86_64.rpm
Package openssh-debugsource not installed, cannot update it.
No match for argument: openssh-debugsource-9.6p1-oe2203.x86_64.rpm
Dependencies resolved.
=========================================================================================================================================================
Package Architecture Version Repository Size
=========================================================================================================================================================
Upgrading:
openssh x86_64 9.6p1-oe2203 @commandline 4.7 M
openssh-clients x86_64 9.6p1-oe2203 @commandline 4.8 M
openssh-server x86_64 9.6p1-oe2203 @commandline 1.5 M
Transaction Summary
=========================================================================================================================================================
Upgrade 3 Packages
Total size: 11 M
Is this ok [y/N]: y
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: openssh-9.6p1-oe2203.x86_64 1/1
Upgrading : openssh-9.6p1-oe2203.x86_64 1/6
Upgrading : openssh-clients-9.6p1-oe2203.x86_64 2/6
Running scriptlet: openssh-server-9.6p1-oe2203.x86_64 3/6
Upgrading : openssh-server-9.6p1-oe2203.x86_64 3/6
警告:/etc/ssh/sshd_config 已建立为 /etc/ssh/sshd_config.rpmnew
Running scriptlet: openssh-server-9.6p1-oe2203.x86_64 3/6
Cleanup : openssh-clients-8.8p1-2.oe2203.x86_64 4/6
Cleanup : openssh-8.8p1-2.oe2203.x86_64 5/6
Running scriptlet: openssh-server-8.8p1-2.oe2203.x86_64 6/6
Cleanup : openssh-server-8.8p1-2.oe2203.x86_64 6/6
Running scriptlet: openssh-server-8.8p1-2.oe2203.x86_64 6/6
Verifying : openssh-9.6p1-oe2203.x86_64 1/6
Verifying : openssh-8.8p1-2.oe2203.x86_64 2/6
Verifying : openssh-clients-9.6p1-oe2203.x86_64 3/6
Verifying : openssh-clients-8.8p1-2.oe2203.x86_64 4/6
Verifying : openssh-server-9.6p1-oe2203.x86_64 5/6
Verifying : openssh-server-8.8p1-2.oe2203.x86_64 6/6
Upgraded:
openssh-9.6p1-oe2203.x86_64 openssh-clients-9.6p1-oe2203.x86_64 openssh-server-9.6p1-oe2203.x86_64
Complete!2、更新配置文件
[root@localhost openssh-9.6p1-oe2203]# ll /etc/ssh/sshd_config*
-rw-------. 1 root root 4.8K 5月 5 2023 /etc/ssh/sshd_config
-rw-------. 1 root root 3.2K 1月 29 17:08 /etc/ssh/sshd_config.rpmnew
[root@localhost openssh-9.6p1-oe2203]# cp /etc/ssh/sshd_config /etc/ssh/sshd_config.v8.8p1.bak
[root@localhost openssh-9.6p1-oe2203]# cp /etc/ssh/sshd_config.rpmnew /etc/ssh/sshd_config
cp:是否覆盖'/etc/ssh/sshd_config'? y
[root@localhost openssh-9.6p1-oe2203]# ll /etc/ssh/sshd_config*
-rw-------. 1 root root 3.2K 1月 29 17:28 /etc/ssh/sshd_config
-rw-------. 1 root root 3.2K 1月 29 17:08 /etc/ssh/sshd_config.rpmnew
-rw-------. 1 root root 4.8K 1月 29 17:28 /etc/ssh/sshd_config.v8.8p1.bak3、重启服务测试
[root@localhost openssh-9.6p1-oe2203]# systemctl restart sshd
[root@localhost openssh-9.6p1-oe2203]# systemctl status sshd
● sshd.service - SYSV: OpenSSH server daemon
Loaded: loaded (/etc/rc.d/init.d/sshd; generated)
Active: active (running) since Mon 2024-01-29 17:29:49 CST; 1s ago
Docs: man:systemd-sysv-generator(8)
Process: 32037 ExecStart=/etc/rc.d/init.d/sshd start (code=exited, status=0/SUCCESS)
Main PID: 32046 (sshd)
Tasks: 11 (limit: 4172)
Memory: 195.9M
CGroup: /system.slice/sshd.service
├─ 1500 "sshd: AAAA [priv]" "" "" ""
├─ 1504 "sshd: AAAA@notty" "" "" "" ""
├─ 1505 /usr/libexec/openssh/sftp-server -l INFO -f AUTH
├─ 1794 "sshd: AAAA [priv]" "" "" ""
├─ 1824 "sshd: AAAA@pts/0" "" "" "" ""
├─ 1825 -bash
├─ 1884 su -
├─ 1885 -bash
├─32046 "sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups"
├─32048 systemctl status sshd
└─32049 less
1月 29 17:29:49 localhost.localdomain systemd[1]: Starting SYSV: OpenSSH server daemon...
1月 29 17:29:49 localhost.localdomain sshd[32043]: /sbin/restorecon: lstat(/etc/ssh/ssh_host_dsa_key.pub) failed: No such file or directory
1月 29 17:29:49 localhost.localdomain sshd[32046]: Server listening on 0.0.0.0 port 22.
1月 29 17:29:49 localhost.localdomain sshd[32046]: Server listening on :: port 22.
1月 29 17:29:49 localhost.localdomain sshd[32037]: Starting sshd:[ 确定 ]
1月 29 17:29:49 localhost.localdomain systemd[1]: Started SYSV: OpenSSH server daemon.4、提示信息消除
服务正常,有一异常提示“/sbin/restorecon: lstat(/etc/ssh/ssh_host_dsa_key.pub) failed: No such file or directory”,消除该提示
[root@localhost openssh-9.6p1-oe2203]# touch /etc/ssh/ssh_host_dsa_key.pub
[root@localhost openssh-9.6p1-oe2203]# systemctl restart sshd
[root@localhost openssh-9.6p1-oe2203]# systemctl status sshd
● sshd.service - SYSV: OpenSSH server daemon
Loaded: loaded (/etc/rc.d/init.d/sshd; generated)
Active: active (running) since Mon 2024-01-29 17:31:28 CST; 1s ago
Docs: man:systemd-sysv-generator(8)
Process: 32303 ExecStart=/etc/rc.d/init.d/sshd start (code=exited, status=0/SUCCESS)
Main PID: 32312 (sshd)
Tasks: 11 (limit: 4172)
Memory: 195.9M
CGroup: /system.slice/sshd.service
├─ 1500 "sshd: AAAA [priv]" "" "" ""
├─ 1504 "sshd: AAAA@notty" "" "" "" ""
├─ 1505 /usr/libexec/openssh/sftp-server -l INFO -f AUTH
├─ 1794 "sshd: AAAA [priv]" "" "" ""
├─ 1824 "sshd: AAAA@pts/0" "" "" "" ""
├─ 1825 -bash
├─ 1884 su -
├─ 1885 -bash
├─32312 "sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups"
├─32340 systemctl status sshd
└─32341 less
1月 29 17:31:28 localhost.localdomain systemd[1]: Starting SYSV: OpenSSH server daemon...
1月 29 17:31:28 localhost.localdomain sshd[32312]: Server listening on 0.0.0.0 port 22.
1月 29 17:31:28 localhost.localdomain sshd[32312]: Server listening on :: port 22.
1月 29 17:31:28 localhost.localdomain sshd[32303]: Starting sshd:[ 确定 ]
1月 29 17:31:28 localhost.localdomain systemd[1]: Started SYSV: OpenSSH server daemon.5、远程发起重新连接,验证登录正常。
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
智能推荐
攻防世界_难度8_happy_puzzle_攻防世界困难模式攻略图文-程序员宅基地
文章浏览阅读645次。这个肯定是末尾的IDAT了,因为IDAT必须要满了才会开始一下个IDAT,这个明显就是末尾的IDAT了。,对应下面的create_head()代码。,对应下面的create_tail()代码。不要考虑爆破,我已经试了一下,太多情况了。题目来源:UNCTF。_攻防世界困难模式攻略图文
达梦数据库的导出(备份)、导入_达梦数据库导入导出-程序员宅基地
文章浏览阅读2.9k次,点赞3次,收藏10次。偶尔会用到,记录、分享。1. 数据库导出1.1 切换到dmdba用户su - dmdba1.2 进入达梦数据库安装路径的bin目录,执行导库操作 导出语句:./dexp cwy_init/[email protected]:5236 file=cwy_init.dmp log=cwy_init_exp.log 注释: cwy_init/init_123..._达梦数据库导入导出
js引入kindeditor富文本编辑器的使用_kindeditor.js-程序员宅基地
文章浏览阅读1.9k次。1. 在官网上下载KindEditor文件,可以删掉不需要要到的jsp,asp,asp.net和php文件夹。接着把文件夹放到项目文件目录下。2. 修改html文件,在页面引入js文件:<script type="text/javascript" src="./kindeditor/kindeditor-all.js"></script><script type="text/javascript" src="./kindeditor/lang/zh-CN.js"_kindeditor.js
STM32学习过程记录11——基于STM32G431CBU6硬件SPI+DMA的高效WS2812B控制方法-程序员宅基地
文章浏览阅读2.3k次,点赞6次,收藏14次。SPI的详情简介不必赘述。假设我们通过SPI发送0xAA,我们的数据线就会变为10101010,通过修改不同的内容,即可修改SPI中0和1的持续时间。比如0xF0即为前半周期为高电平,后半周期为低电平的状态。在SPI的通信模式中,CPHA配置会影响该实验,下图展示了不同采样位置的SPI时序图[1]。CPOL = 0,CPHA = 1:CLK空闲状态 = 低电平,数据在下降沿采样,并在上升沿移出CPOL = 0,CPHA = 0:CLK空闲状态 = 低电平,数据在上升沿采样,并在下降沿移出。_stm32g431cbu6
计算机网络-数据链路层_接收方收到链路层数据后,使用crc检验后,余数为0,说明链路层的传输时可靠传输-程序员宅基地
文章浏览阅读1.2k次,点赞2次,收藏8次。数据链路层习题自测问题1.数据链路(即逻辑链路)与链路(即物理链路)有何区别?“电路接通了”与”数据链路接通了”的区别何在?2.数据链路层中的链路控制包括哪些功能?试讨论数据链路层做成可靠的链路层有哪些优点和缺点。3.网络适配器的作用是什么?网络适配器工作在哪一层?4.数据链路层的三个基本问题(帧定界、透明传输和差错检测)为什么都必须加以解决?5.如果在数据链路层不进行帧定界,会发生什么问题?6.PPP协议的主要特点是什么?为什么PPP不使用帧的编号?PPP适用于什么情况?为什么PPP协议不_接收方收到链路层数据后,使用crc检验后,余数为0,说明链路层的传输时可靠传输
软件测试工程师移民加拿大_无证移民,未受过软件工程师的教育(第1部分)-程序员宅基地
文章浏览阅读587次。软件测试工程师移民加拿大 无证移民,未受过软件工程师的教育(第1部分) (Undocumented Immigrant With No Education to Software Engineer(Part 1))Before I start, I want you to please bear with me on the way I write, I have very little gen...
随便推点
Thinkpad X250 secure boot failed 启动失败问题解决_安装完系统提示secureboot failure-程序员宅基地
文章浏览阅读304次。Thinkpad X250笔记本电脑,装的是FreeBSD,进入BIOS修改虚拟化配置(其后可能是误设置了安全开机),保存退出后系统无法启动,显示:secure boot failed ,把自己惊出一身冷汗,因为这台笔记本刚好还没开始做备份.....根据错误提示,到bios里面去找相关配置,在Security里面找到了Secure Boot选项,发现果然被设置为Enabled,将其修改为Disabled ,再开机,终于正常启动了。_安装完系统提示secureboot failure
C++如何做字符串分割(5种方法)_c++ 字符串分割-程序员宅基地
文章浏览阅读10w+次,点赞93次,收藏352次。1、用strtok函数进行字符串分割原型: char *strtok(char *str, const char *delim);功能:分解字符串为一组字符串。参数说明:str为要分解的字符串,delim为分隔符字符串。返回值:从str开头开始的一个个被分割的串。当没有被分割的串时则返回NULL。其它:strtok函数线程不安全,可以使用strtok_r替代。示例://借助strtok实现split#include <string.h>#include <stdio.h&_c++ 字符串分割
2013第四届蓝桥杯 C/C++本科A组 真题答案解析_2013年第四届c a组蓝桥杯省赛真题解答-程序员宅基地
文章浏览阅读2.3k次。1 .高斯日记 大数学家高斯有个好习惯:无论如何都要记日记。他的日记有个与众不同的地方,他从不注明年月日,而是用一个整数代替,比如:4210后来人们知道,那个整数就是日期,它表示那一天是高斯出生后的第几天。这或许也是个好习惯,它时时刻刻提醒着主人:日子又过去一天,还有多少时光可以用于浪费呢?高斯出生于:1777年4月30日。在高斯发现的一个重要定理的日记_2013年第四届c a组蓝桥杯省赛真题解答
基于供需算法优化的核极限学习机(KELM)分类算法-程序员宅基地
文章浏览阅读851次,点赞17次,收藏22次。摘要:本文利用供需算法对核极限学习机(KELM)进行优化,并用于分类。
metasploitable2渗透测试_metasploitable2怎么进入-程序员宅基地
文章浏览阅读1.1k次。一、系统弱密码登录1、在kali上执行命令行telnet 192.168.26.1292、Login和password都输入msfadmin3、登录成功,进入系统4、测试如下:二、MySQL弱密码登录:1、在kali上执行mysql –h 192.168.26.129 –u root2、登录成功,进入MySQL系统3、测试效果:三、PostgreSQL弱密码登录1、在Kali上执行psql -h 192.168.26.129 –U post..._metasploitable2怎么进入
Python学习之路:从入门到精通的指南_python人工智能开发从入门到精通pdf-程序员宅基地
文章浏览阅读257次。本文将为初学者提供Python学习的详细指南,从Python的历史、基础语法和数据类型到面向对象编程、模块和库的使用。通过本文,您将能够掌握Python编程的核心概念,为今后的编程学习和实践打下坚实基础。_python人工智能开发从入门到精通pdf