Fix notes: security vulnerability in OpenSSH 7.7 and earlier
OpenSSH (OpenBSD Secure Shell) is the set of connectivity tools maintained by the OpenBSD project for securely accessing remote machines. It is the open-source implementation of the SSH protocol; it encrypts all traffic and so effectively prevents eavesdropping, connection hijacking and other network-level attacks. OpenSSH 7.7 and earlier contain a security vulnerability: the program responds differently to valid and invalid authentication requests. An attacker can send specially crafted requests and use that difference to enumerate user names. The procedure below rebuilds OpenSSH 8.0p1 from source against OpenSSL 1.0.2r to replace the affected version.
1) Install telnet-server and xinetd (a fallback login path while sshd is torn down and rebuilt)
yum install -y telnet-server xinetd   # the install command itself; the original lists only the follow-up commands
ll /etc/xinetd.d/telnet
cat /etc/securetty
# allow root logins on the pseudo-terminals telnet will use
echo 'pts/0
pts/1
pts/2
pts/3' >> /etc/securetty
cat /etc/securetty
systemctl enable xinetd
systemctl enable telnet.socket
systemctl status telnet.socket
systemctl start telnet.socket
systemctl start xinetd
netstat -lntp | grep ':23 '   # confirm a listener on TCP port 23 before touching sshd
systemctl status xinetd
systemctl restart telnet.socket
2) Install the build dependencies:
yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel pcre-devel pam-devel
yum install -y pam* zlib*
3) Install openssl-1.0.2r. Download: https://ftp.openssl.org/source/old/1.0.2/
tar xfz openssl-1.0.2r.tar.gz
# keep the distribution's openssl binary and headers as backups
mv /usr/bin/openssl /usr/bin/openssl_bak
mv /usr/include/openssl /usr/include/openssl_bak
cd openssl-1.0.2r/
./config shared && make && make install   # installs under /usr/local/ssl
echo $?                                   # 0 means configure, build and install all succeeded
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/ssl/include/openssl /usr/include/openssl
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf   # make the new shared libraries resolvable
/sbin/ldconfig
openssl version   # should report OpenSSL 1.0.2r
4) Install openssh-8.0p1.tar.gz. Download: https://openbsd.hk/pub/OpenBSD/OpenSSH/portable/
tar -xzf openssh-8.0p1.tar.gz
cd openssh-8.0p1/
chown -R root.root ~/openssh-data/openssh-8.0p1
# move the distribution's systemd unit aside so the SysV init script installed below is used
mv /usr/lib/systemd/system/sshd.service /app/
# this also deletes the existing host keys; "make install" generates new ones, so clients will see a changed host key
rm -rf /etc/ssh/*
./configure --prefix=/usr/ --sysconfdir=/etc/ssh --with-openssl-includes=/usr/local/ssl/include --with-ssl-dir=/usr/local/ssl --with-zlib --with-md5-passwords --with-pam && make && make install
cp -a contrib/redhat/sshd.init /etc/init.d/sshd
cp -a contrib/redhat/sshd.pam /etc/pam.d/sshd   # the PAM service name is "sshd", so the file must be /etc/pam.d/sshd (not sshd.pam) or PAM auth will not use it
Modify the sshd service configuration:
vim /etc/ssh/sshd_config
chmod +x /etc/init.d/sshd
chkconfig --add sshd
systemctl enable sshd
systemctl status sshd
systemctl restart sshd
systemctl status sshd
# stop/start once more to confirm the init script controls the daemon cleanly
systemctl stop sshd
systemctl status sshd
systemctl start sshd
systemctl status sshd
systemctl enable sshd
ssh -V   # should now report OpenSSH_8.0p1 linked against OpenSSL 1.0.2r
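An added check, not part of the original post, for confirming the upgrade actually took: it parses the OpenSSH version out of a banner (the `ssh -V` output, or the `remote software version` line that `ssh -v` logs when connecting to a server) and reports whether it still falls in the 7.7-and-earlier range described above. The helper names are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post): parse an OpenSSH banner and
# decide whether it is 7.7 or older, the range named in the text above.
# Banner shapes it understands (both constructed samples):
#   OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017   (printed by "ssh -V")
#   SSH-2.0-OpenSSH_8.0                                (sent by sshd on connect)

# Print "MAJOR.MINOR" from a banner; prints nothing if no OpenSSH tag is found.
openssh_version() {
    printf '%s\n' "$1" | sed -n 's/.*OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1.\2/p'
}

# Exit 0 when the version is 7.7 or earlier, 1 when it is newer,
# 2 when the banner could not be parsed.
openssh_is_affected() {
    ver=$(openssh_version "$1")
    [ -n "$ver" ] || return 2
    major=${ver%%.*}
    minor=${ver##*.}
    [ "$major" -lt 7 ] && return 0
    [ "$major" -eq 7 ] && [ "$minor" -le 7 ] && return 0
    return 1
}

# One line of verdict for a banner string.
report() {
    rc=0
    openssh_is_affected "$1" || rc=$?
    case $rc in
        0) echo "AFFECTED (7.7 or earlier): $1" ;;
        1) echo "OK: $1" ;;
        *) echo "UNPARSED: $1" ;;
    esac
}

# The locally installed client/library build from step 4 ("ssh -V" prints to stderr).
check_local_build() {
    report "$(ssh -V 2>&1)"
}

# The daemon actually running on a host: "ssh -v" logs the server's banner
# before any authentication, so BatchMode (no password prompt) is enough to read it.
check_running_sshd() {
    report "$(ssh -v -o BatchMode=yes -o ConnectTimeout=5 "$1" exit 2>&1 \
              | sed -n 's/.*remote software version //p')"
}
```

After the restart in step 4, `check_running_sshd localhost` confirms the daemon that answers on port 22 is the rebuilt one, not a leftover distribution sshd.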