安装包
通过网盘分享的文件:openssh-openssl-curl_update 链接: https://pan.baidu.com/s/1I_vtwoa6_lqJlSqIgpbDnA?pwd=p5gp 提取码: p5gp(网盘中的源码包属于第三方转存,编译前建议与 OpenSSH、OpenSSL、zlib、curl 官方发布的校验值或签名比对,或直接从官方站点下载同版本的源码包。)
安装依赖
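# Build prerequisites: compiler, autotools, make, and the PAM headers that
# the later "./configure --with-pam" step needs. "-y" must be its own
# argument; fused onto the last name it is read as part of the package name
# (pam-devel-y) and yum is left without the auto-confirm flag.
yum install -y gcc automake autoconf libtool make pam-devel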
安装telnet-server
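防止升级失败后 ssh 登录不上,先准备 telnet 作为临时登录通道。telnet 以明文传输账号和密码,只应在升级期间临时开启(最好限制在可信内网);确认新版 ssh 可以正常登录后,应立即停止并禁用 telnet.socket 和 xinetd,并删除 /etc/securetty 中追加的 pts 行。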
# Temporary fallback login path for the upgrade window: telnet carries the
# whole session, password included, unencrypted. Stop and disable both units
# again once the new sshd has been verified.
for pkg in telnet-server xinetd; do
  yum install -y "$pkg"
done
# Start both units first, then make them persistent (same order as the
# original six commands).
for unit in xinetd.service telnet.socket; do
  systemctl start "$unit"
done
for unit in xinetd.service telnet.socket; do
  systemctl enable "$unit"
done
开启root登录:
在安全终端配置文件中添加:pts/0 pts/1
vi /etc/securetty
追加 pts/0 pts/1 两行
准备脚本
[root@nginx openssh-openssl-curl_update]# cat update_openssh_new.sh
#!/bin/bash
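# Ask where to stage the source tarballs and where to install the build.
# Each prompt waits at most 60 s; an empty or timed-out answer selects the
# default. -r keeps backslashes in the typed path literal, and one trailing
# "/" is dropped so that later "$install_path/zlib"-style joins stay clean.
read -r -t 60 -p "请输入您要把安装包放置的位置(编译包的位置,路径最后不得带/): " package_path
package_path=${package_path%/}
package_path=${package_path:-/opt/update_openssh}
read -r -t 60 -p "请输入安装的位置(路径最后不得带/): " install_path
install_path=${install_path%/}
install_path=${install_path:-/usr/local/openssh-9.9-openssl-zlib}
# Both values are reused after several cd calls and as --prefix arguments,
# so a relative path would silently point somewhere else. Stop here, before
# any system file has been touched.
case "$package_path" in
  /*) ;;
  *)
    echo "Package path must be absolute: $package_path" >&2
    exit 1
    ;;
esac
case "$install_path" in
  /*) ;;
  *)
    echo "Install path must be absolute: $install_path" >&2
    exit 1
    ;;
esac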
# Stage the three source tarballs in $package_path.
# Globals:  package_path (read)
# Returns:  0 when all three archives were copied; 1 on the first failing
#           step, after printing which one failed.
# NOTE(review): the archives are used exactly as found in
# /root/openssh-openssl-curl_update. Nothing here compares them with the
# upstream checksums or signatures, so do that before running the script.
function ready_package() {
  local src_dir=/root/openssh-openssl-curl_update
  local tarball

  if ! mkdir -p "$package_path"; then
    echo "Failed to create $package_path"
    return 1
  fi
  if ! cd "$package_path"; then
    echo "Failed to change directory to $package_path"
    return 1
  fi

  # Same order as the build steps use them: openssh, openssl, zlib.
  for tarball in openssh-9.9p2.tar.gz openssl-1.1.1w.tar.gz zlib-1.3.1.tar.gz; do
    if ! cp "$src_dir/$tarball" "$package_path"; then
      echo "Failed to move $tarball"
      return 1
    fi
  done
}
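# True when an earlier run already left something at backup path $1
# (regular file, directory, or a dangling symlink).
_backup_exists() {
  [ -e "$1" ] || [ -L "$1" ]
}

# Move the stock ssh client, sshd, openssl binary and /etc/ssh aside as
# "<path>.bak-old".
# Returns: 0 when every item is backed up (now or by an earlier run);
#          1 on the first mv that fails, after printing which one.
# An existing backup is never overwritten: on a second run /usr/bin/ssh and
# /usr/bin/openssl are already symlinks into the new install, and moving
# them over the *.bak-old files would destroy the only copy of the original
# binaries (and /etc/ssh would be nested inside /etc/ssh.bak-old).
# NOTE(review): the files are moved, not copied, so from here until
# install_openssh has recreated /sbin/sshd there is no sshd binary at its
# usual path; keep the fallback login session open during that window.
function backup_ssh() {
  local target backup
  for target in /usr/bin/ssh /etc/ssh /usr/sbin/sshd /usr/bin/openssl; do
    backup="$target.bak-old"
    if _backup_exists "$backup"; then
      echo "Keeping existing backup $backup"
      continue
    fi
    mv "$target" "$backup" || { echo "Failed to backup $target"; return 1; }
  done
  return 0
}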
# Build zlib 1.3.1 from the staged tarball and install it under
# $install_path/zlib.
# Globals: package_path, install_path (read)
# Returns: 0 on success; 1 after printing the step that failed.
function install_zlib() {
  if ! mkdir -p "$install_path"; then
    echo "Failed to create $install_path"
    return 1
  fi
  if ! cd "$package_path"; then
    echo "Failed to change directory to $package_path"
    return 1
  fi
  if ! tar -xf zlib-1.3.1.tar.gz; then
    echo "Failed to extract zlib-1.3.1.tar.gz"
    return 1
  fi
  if ! cd zlib-1.3.1/; then
    echo "Failed to change directory to zlib-1.3.1"
    return 1
  fi
  if ! ./configure --prefix="$install_path/zlib"; then
    echo "Failed to configure zlib"
    return 1
  fi
  # Build, then install; a failure in either is reported the same way.
  if make && make install; then
    return 0
  fi
  echo "Failed to install zlib"
  return 1
}
# Build OpenSSL 1.1.1w from the staged tarball, install it under
# $install_path/openssl, then point the system-wide openssl binary and the
# libcrypto/libssl .so.1.1 names in /usr/lib64 at the new build.
# Globals: package_path, install_path (read)
# Returns: 0 on success; 1 after printing the step that failed.
# NOTE(review): the 1.1.1 branch no longer receives public upstream fixes
# (1.1.1w was its final public release); consider building against a
# supported OpenSSL branch instead.
# NOTE(review): ln -sf replaces whatever is at /usr/bin/openssl and at the
# two .so.1.1 names in /usr/lib64, so every program on the host that
# resolves those names switches to this build.
function install_openssl() {
  local prefix="$install_path/openssl"

  if ! cd "$package_path"; then
    echo "Failed to change directory to $package_path"
    return 1
  fi
  if ! tar -xf openssl-1.1.1w.tar.gz; then
    echo "Failed to extract openssl-1.1.1w.tar.gz"
    return 1
  fi
  if ! cd openssl-1.1.1w/; then
    echo "Failed to change directory to openssl-1.1.1w"
    return 1
  fi
  if ! ./config --prefix="$prefix"; then
    echo "Failed to configure openssl"
    return 1
  fi
  if ! { make -j 4 && make install; }; then
    echo "Failed to install openssl"
    return 1
  fi

  if ! ln -sf "$prefix/lib/libcrypto.so.1.1" /usr/lib64/; then
    echo "Failed to create symlink for libcrypto.so.1.1"
    return 1
  fi
  if ! ln -sf "$prefix/bin/openssl" /usr/bin/openssl; then
    echo "Failed to create symlink for openssl"
    return 1
  fi
  if ! ln -sf "$prefix/lib/libssl.so.1.1" /usr/lib64/; then
    echo "Failed to create symlink for libssl.so.1.1"
    return 1
  fi
}
# Build OpenSSH 9.9p2 against the zlib and OpenSSL trees installed under
# $install_path, install it under $install_path/openssh (config in
# /etc/ssh), then symlink sshd and the client tools into the system paths.
# Globals: package_path, install_path (read)
# Returns: 0 on success; 1 after printing the step that failed.
# NOTE(review): --without-openssl-header-check switches off configure's
# comparison of the OpenSSL headers with the library it links. With
# --with-ssl-dir pointing at the tree built by install_openssl that check
# should pass, so consider dropping the flag rather than hiding a mismatch.
function install_openssh() {
  local prefix="$install_path/openssh"
  local tool

  if ! cd "$package_path"; then
    echo "Failed to change directory to $package_path"
    return 1
  fi
  if ! tar -xf openssh-9.9p2.tar.gz; then
    echo "Failed to extract openssh-9.9p2.tar.gz"
    return 1
  fi
  if ! cd openssh-9.9p2/; then
    echo "Failed to change directory to openssh-9.9p2"
    return 1
  fi
  if ! ./configure \
    --prefix="$prefix" \
    --sysconfdir=/etc/ssh \
    --with-zlib="$install_path/zlib" \
    --with-ssl-dir="$install_path/openssl" \
    --with-pam \
    --without-openssl-header-check; then
    echo "Failed to configure openssh"
    return 1
  fi
  if ! { make -j 4 && make install; }; then
    echo "Failed to install openssh"
    return 1
  fi

  # The daemon goes to /sbin; every client tool goes to /usr/bin.
  if ! ln -sf "$prefix/sbin/sshd" /sbin/sshd; then
    echo "Failed to create symlink for sshd"
    return 1
  fi
  for tool in ssh scp sftp ssh-add ssh-keygen ssh-keyscan; do
    if ! ln -sf "$prefix/bin/$tool" "/usr/bin/$tool"; then
      echo "Failed to create symlink for $tool"
      return 1
    fi
  done
}
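# Switch the sshd service over to the new build: retire the packaged systemd
# unit, install the init script shipped with the OpenSSH source, bring the
# daemon up, then put the pre-upgrade sshd_config back.
# Globals: package_path (read)
# Returns: 0 on success; 1 after printing the step that failed.
# NOTE(review): backup_ssh moved the whole /etc/ssh aside and only
# sshd_config is copied back here, so the server presumably comes up with
# newly generated host keys and clients will see a changed host key. Restore
# the old ssh_host_* files from /etc/ssh.bak-old if the previous identity
# should be kept — confirm before relying on either behaviour.
function ready_system() {
  systemctl stop sshd.service || { echo "Failed to stop sshd.service"; return 1; }
  mv /usr/lib/systemd/system/sshd.service /usr/lib/systemd/system/sshd.service.backup-old || { echo "Failed to backup sshd.service"; return 1; }
  # Quoted so a staging path containing spaces stays a single argument.
  cp "$package_path/openssh-9.9p2/contrib/redhat/sshd.init" /etc/init.d/sshd || { echo "Failed to copy sshd.init"; return 1; }
  systemctl daemon-reload || { echo "Failed to reload systemd manager configuration"; return 1; }
  /etc/init.d/sshd restart || { echo "Failed to restart sshd using init script"; return 1; }
  mv /etc/ssh/sshd_config /etc/ssh/sshd_config.bak || { echo "Failed to backup sshd_config"; return 1; }
  cp /etc/ssh.bak-old/sshd_config /etc/ssh/sshd_config || { echo "Failed to copy sshd_config"; return 1; }
  # Let the new sshd parse the restored config before restarting on it. If
  # it is rejected, put the new default config back so the daemon started
  # above is not replaced by one that cannot start.
  if ! /sbin/sshd -t -f /etc/ssh/sshd_config; then
    echo "Restored sshd_config is rejected by the new sshd"
    mv -f /etc/ssh/sshd_config.bak /etc/ssh/sshd_config || echo "Failed to put the default sshd_config back"
    return 1
  fi
  systemctl restart sshd || { echo "Failed to restart sshd using systemctl"; return 1; }
  systemctl enable sshd || { echo "Failed to enable sshd service"; return 1; }
}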
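# Add the new OpenSSL library directory to LD_LIBRARY_PATH for login shells
# by appending one export line to /etc/profile.
# Globals: install_path (read)
# Returns: 0 when the line is present afterwards, 1 if it could not be
#          written.
# The written line uses ${LD_LIBRARY_PATH:+:...} so that an unset or empty
# LD_LIBRARY_PATH does not leave a trailing ":" behind: an empty entry makes
# the dynamic loader search the current directory for libraries. The line
# is added only once, so repeated runs do not pile up duplicates.
# NOTE(review): install_openssl already symlinks libcrypto/libssl into
# /usr/lib64, so this global override may not be needed at all — confirm.
function add_environment_variable() {
  local profile_line
  profile_line="export LD_LIBRARY_PATH=\"$install_path/openssl/lib\${LD_LIBRARY_PATH:+:\$LD_LIBRARY_PATH}\""
  if grep -qxF -- "$profile_line" /etc/profile 2>/dev/null; then
    return 0
  fi
  printf '%s\n' "$profile_line" >> /etc/profile || { echo "Failed to add environment variable"; return 1; }
}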
# Run the upgrade steps in order and stop at the first one that fails.
# Returns: 0 when every step succeeded; 1 after naming the failed stage.
# NOTE(review): backup_ssh moves ssh, sshd, openssl and /etc/ssh away before
# anything is compiled, and no later step puts them back, so a failed build
# leaves the host without those files. Keep the fallback login session open
# until the success message below has been printed.
main() {
  ready_package || { echo "Package preparation failed"; return 1; }
  backup_ssh || { echo "SSH backup failed"; return 1; }
  install_zlib || { echo "Zlib installation failed"; return 1; }
  install_openssl || { echo "OpenSSL installation failed"; return 1; }
  install_openssh || { echo "OpenSSH installation failed"; return 1; }
  ready_system || { echo "System configuration failed"; return 1; }
  add_environment_variable || { echo "Environment variable addition failed"; return 1; }
  echo "All operations completed successfully"
}

main "$@"
由于在脚本中执行source不生效,所以还需再手动执行下:
source /etc/profile
如果升级之后,curl命令和yum命令不可用,说明升级跨度版本过大,需要升级curl命令的依赖:
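# Rebuild curl against the OpenSSL installed by update_openssh_new.sh.
mv curl-8.8.0.tar /opt/update_openssh/
cd /opt/update_openssh/
tar xf curl-8.8.0.tar
cd curl-8.8.0/
# --with-ssl has to be "<install_path>/openssl" for the install_path given
# to update_openssh_new.sh; the value below is that script's default
# (/usr/local/openssh-9.9-openssl-zlib). Adjust it if another path was typed.
./configure --prefix=/usr/src --with-ssl=/usr/local/openssh-9.9-openssl-zlib/openssl
make && make install
# Keep the distribution's library and binary as *_bak / *.bak so they can
# be put back.
mv /lib64/libcurl.so.4.6.0 /lib64/libcurl.so.4.6.0_bak
chmod +x /opt/update_openssh/curl-8.8.0/lib/.libs/libcurl.so.4.8.0
# The freshly built 4.8.0 library takes over the old 4.6.0 file name,
# presumably so that existing links to that name keep resolving.
# NOTE(review): the file on disk no longer matches what the package manager
# installed, so a later libcurl/curl package update may overwrite it.
mv /opt/update_openssh/curl-8.8.0/lib/.libs/libcurl.so.4.8.0 /lib64/libcurl.so.4.6.0
mv /usr/bin/curl /usr/bin/curl.bak
cd /opt/update_openssh/curl-8.8.0/
mv ./src/.libs/curl /usr/bin/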