升级openssh到最新版
- http://www.openssh.com/portable.html#http
— > 香港镜像: https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/
最新版: https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.4p1.tar.gz
yum groupinstall 'Development Tools'
wget https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/openssh-8.4p1.tar.gz
tar -xf openssh-8.4p1.tar.gz
cd openssh-8.4p1
./configure --prefix=/usr/local/openssh && make && make install
#编译结果:centos6/7可以共用
[root@test-c6 ~]# tree /usr/local/openssh
/usr/local/openssh
├── bin
│ ├── scp
│ ├── sftp
│ ├── ssh
│ ├── ssh-add
│ ├── ssh-agent
│ ├── ssh-keygen
│ └── ssh-keyscan
├── etc
│ ├── moduli
│ ├── ssh_config
│ ├── sshd_config
│ ├── ssh_host_dsa_key
│ ├── ssh_host_dsa_key.pub
│ ├── ssh_host_ecdsa_key
│ ├── ssh_host_ecdsa_key.pub
│ ├── ssh_host_ed25519_key
│ ├── ssh_host_ed25519_key.pub
│ ├── ssh_host_rsa_key
│ └── ssh_host_rsa_key.pub
├── libexec
│ ├── sftp-server
│ ├── ssh-keysign
│ ├── ssh-pkcs11-helper
│ └── ssh-sk-helper
├── sbin
│ └── sshd
└── share
└── man
├── man1
....
修改openssh的service文件
- centos6: 最好先移除开机启动,再重新添加
sed -i.bak -e 's/\s\+do_rsa1_keygen/#do_rsa1_keygen/' \
-e 's@/usr/bin@/usr/local/openssh/bin@g' \
-e 's@/usr/sbin@/usr/local/openssh/sbin@g \
-e 's@/etc/ssh@/usr/local/openssh/etc@g' \
/etc/init.d/sshd
sed -i '/#PermitRootLogin/aPermitRootLogin yes/' /usr/local/openssh/etc/sshd_config
- centos7: 最好先移除开机启动,再重新添加
sed -i.bak -e 's/^Wants/#Wants/' \
-e ' s/^Type/#Type/' \
-e 's@/usr/sbin/sshd@/usr/local/openssh/sbin/sshd@' \
/usr/lib/systemd/system/sshd.service
sed -i '/#PermitRootLogin/aPermitRootLogin yes/' /usr/local/openssh/etc/sshd_config
防毒软件clamav
安装:https://www.clamav.net/documents/installing-clamav
使用文档:https://www.clamav.net/documents/scanning#clamscan
yum install -y epel-release
yum install -y clamav
#setting up ClamAV’s official signatures升级病毒库
freshclam
#扫描病毒文件:并移动或删除
mkdir /var/lib/clamav/effected-files ; chown clam.clam /var/lib/clamav/effected-files
clamscan --exclude='/proc|/sys' --infected --log=/var/log/clamav/clamscan.log --move=/var/lib/clamav/effected-files -r /