一、背景说明

BClinux8.6 安装的openssh 版本为9.3p1,经绿盟扫描,存在高危漏洞,需要升级到最新。

OpenSSH 命令注入漏洞(CVE-2020-15778)   

OpenSSH 安全漏洞(CVE-2023-38408)

BClinux8.6 制作openssh9.2p2 rpm升级包和升级实战-LMLPHP

 目前官网只提供编译安装包,而BClinux8.6 为rpm方式安装。

为了方便升级,先通过编译安装包,制作rpm包,并进行升级

如下为做好的rpm升级包,可直接下载使用:

openssh 9.3p2 for bclinux & 龙蜥Anolis 8.6版本

1.1 系统版本查看 cat /etc/os-release

[root@localhost ~]# cat /etc/os-release 
NAME="BigCloud Enterprise Linux"
VERSION="8.6 (Core)"
ID="bclinux"
ID_LIKE="rhel fedora"
VERSION_ID="8.6"
PLATFORM_ID="platform:an8"
PRETTY_NAME="BigCloud Enterprise Linux 8.6 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:bclinux:bclinux:8"
HOME_URL="https://mirrors.bclinux.org/"
BUG_REPORT_URL="https://bugs.bclinux.org/"

BCLINUX_BUGZILLA_PRODUCT="BigCloud Enterprise Linux 8 (Core)"
BCLINUX_BUGZILLA_PRODUCT_VERSION=8.6
BCLINUX_SUPPORT_PRODUCT="BigCloud Enterprise Linux 8 (Core)"
BCLINUX_SUPPORT_PRODUCT_VERSION=8.6

[root@localhost ~]# 

二、rpm包制作

2.1、安装制作的工具

dnf install rpm-build zlib-devel openssl-devel gcc perl-devel pam-devel libXt-devel gtk2-devel make perl -y

[root@localhost mysql]# dnf install rpm-build zlib-devel openssl-devel gcc perl-devel pam-devel  libXt-devel gtk2-devel make perl -y  
无法连接BC-Linux的YUM源服务器。
AppStream                                                                                                                                                                             176 kB/s | 4.3 kB     00:00    
BaseOS                                                                                                                                                                                349 kB/s | 3.8 kB     00:00    
软件包 rpm-build-4.14.3-23.0.1.an8.x86_64 已安装。
软件包 zlib-devel-1.2.11-18.0.1.an8_5.x86_64 已安装。
软件包 openssl-devel-1:1.1.1k-6.an8.x86_64 已安装。
软件包 gcc-8.5.0-10.1.0.1.an8_6.x86_64 已安装。
软件包 perl-devel-4:5.26.3-421.0.1.an8.x86_64 已安装。
软件包 pam-devel-1.3.1-16.0.1.an8.x86_64 已安装。
未找到匹配的参数:  libXt-devel
软件包 gtk2-devel-2.24.32-5.an8.x86_64 已安装。
软件包 make-1:4.2.1-11.0.1.an8.x86_64 已安装。
软件包 perl-4:5.26.3-421.0.1.an8.x86_64 已安装。
错误:没有任何匹配:  libXt-devel
[root@localhost mysql]# 

安装imake

dnf install imake  -y

##验证imake是否安装成功
[root@localhost mysql]# rpm -qa|grep imake
imake-1.0.7-11.el8.x86_64
[root@localhost mysql]# 

2.2下载源码

wget https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz

wget https://mirrors.aliyun.com/pub/OpenBSD/OpenSSH/portable/openssh-9.3p2.tar.gz

2.3 初始化

##拷贝源码包到相应目录

mkdir -p /root/rpmbuild/SOURCES  
cp openssh-9.3p2.tar.gz /root/rpmbuild/SOURCES

cp x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/  

##解压

[root@localhost ~]# cd rpmbuild/SOURCES/
[root@localhost SOURCES]# ls
openssh-9.3p2.tar.gz  x11-ssh-askpass-1.2.4.1.tar.gz
[root@localhost SOURCES]# tar -zxf openssh-9.3p2.tar.gz 

##解压源码包,拷贝spec文件

mkdir -p /root/rpmbuild/SPECS/  
   
[root@localhost openssh-9.3p2]# find ./ -name openssh.spec  
./contrib/redhat/openssh.spec
./contrib/suse/openssh.spec
[root@localhost openssh-9.3p2]#
[root@localhost openssh-9.3p2]# cp ./contrib/redhat/openssh.spec /root/rpmbuild/SPECS/

##尝试构建rpm包,提示报错:

[root@localhost SPECS]# rpmbuild -ba openssh.spec  
错误:构建依赖失败:  
        openssl-devel < 1.1 被 openssh-9.3p1-1.el8.bclinux.x86_64 需要  
[root@localhost SPECS]#

##解决方法

cd /root/rpmbuild/SPECS/  

vi openssh.spec  

注释如下行  

#BuildRequires: openssl-devel < 1.1 

2.4 rpm打包

再次执行成功:
rpmbuild -ba openssh.spec
等待编译完成

[root@localhost SPECS]# rpmbuild -ba openssh.spec 
正在执行(%prep):/bin/sh -e /var/tmp/rpm-tmp.YF6kWe
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd /root/rpmbuild/BUILD
+ rm -rf openssh-9.3p2
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/openssh-9.3p2.tar.gz
+ /usr/bin/tar -xof -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd openssh-9.3p2
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/x11-ssh-askpass-1.2.4.1.tar.gz
+ /usr/bin/tar -xof -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ exit 0
正在执行(%build):/bin/sh -e /var/tmp/rpm-tmp.RndD6t
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-9.3p2
...
...
处理文件:openssh-askpass-9.3p2-1.el8.bclinux.x86_64
正在执行(%doc):/bin/sh -e /var/tmp/rpm-tmp.f9gsh6
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-9.3p2
+ DOCDIR=/root/rpmbuild/BUILDROOT/openssh-9.3p2-1.el8.bclinux.x86_64/usr/share/doc/openssh-askpass
+ export LC_ALL=C
+ LC_ALL=C
+ export DOCDIR
+ /usr/bin/mkdir -p /root/rpmbuild/BUILDROOT/openssh-9.3p2-1.el8.bclinux.x86_64/usr/share/doc/openssh-askpass
+ cp -pr x11-ssh-askpass-1.2.4.1/README /root/rpmbuild/BUILDROOT/openssh-9.3p2-1.el8.bclinux.x86_64/usr/share/doc/openssh-askpass
+ cp -pr x11-ssh-askpass-1.2.4.1/ChangeLog /root/rpmbuild/BUILDROOT/openssh-9.3p2-1.el8.bclinux.x86_64/usr/share/doc/openssh-askpass
+ cp -pr x11-ssh-askpass-1.2.4.1/SshAskpass-1337.ad x11-ssh-askpass-1.2.4.1/SshAskpass-NeXTish.ad x11-ssh-askpass-1.2.4.1/SshAskpass-default.ad x11-ssh-askpass-1.2.4.1/SshAskpass-green.ad x11-ssh-askpass-1.2.4.1/SshAskpass-motif.ad x11-ssh-askpass-1.2.4.1/SshAskpass.ad /root/rpmbuild/BUILDROOT/openssh-9.3p2-1.el8.bclinux.x86_64/usr/share/doc/openssh-askpass
+ exit 0
Provides: openssh-askpass = 9.3p2-1.el8.bclinux openssh-askpass(x86-64) = 9.3p2-1.el8.bclinux
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Requires: libICE.so.6()(64bit) libSM.so.6()(64bit) libX11.so.6()(64bit) libXt.so.6()(64bit) libc.so.6()(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.3)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.4)(64bit) libc.so.6(GLIBC_2.7)(64bit) rtld(GNU_HASH)
Obsoletes: ssh-extras
处理文件:openssh-askpass-gnome-9.3p2-1.el8.bclinux.x86_64
Provides: config(openssh-askpass-gnome) = 9.3p2-1.el8.bclinux openssh-askpass-gnome = 9.3p2-1.el8.bclinux openssh-askpass-gnome(x86-64) = 9.3p2-1.el8.bclinux
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Requires: libX11.so.6()(64bit) libatk-1.0.so.0()(64bit) libc.so.6()(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.4)(64bit) libcairo.so.2()(64bit) libfontconfig.so.1()(64bit) libfreetype.so.6()(64bit) libgdk-x11-2.0.so.0()(64bit) libgdk_pixbuf-2.0.so.0()(64bit) libgio-2.0.so.0()(64bit) libglib-2.0.so.0()(64bit) libgobject-2.0.so.0()(64bit) libgtk-x11-2.0.so.0()(64bit) libpango-1.0.so.0()(64bit) libpangocairo-1.0.so.0()(64bit) libpangoft2-1.0.so.0()(64bit) libpthread.so.0()(64bit) rtld(GNU_HASH)
Obsoletes: ssh-extras
处理文件:openssh-debugsource-9.3p2-1.el8.bclinux.x86_64
Provides: openssh-debugsource = 9.3p2-1.el8.bclinux openssh-debugsource(x86-64) = 9.3p2-1.el8.bclinux
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
处理文件:openssh-debuginfo-9.3p2-1.el8.bclinux.x86_64
Provides: debuginfo(build-id) = 6c26bac0b98a5d0ad61c9bae74017009f37c047b debuginfo(build-id) = 85858de18635278190d489849fadee3ac19509c5 debuginfo(build-id) = 87cf12a118712cb19012f45bd7c8111ea788b8ab debuginfo(build-id) = a16b8b66844755207a7f895cc26f640dd177eaa1 debuginfo(build-id) = f57df74f3d4c573ab24121f1e0f361f25981eba4 openssh-debuginfo = 9.3p2-1.el8.bclinux openssh-debuginfo(x86-64) = 9.3p2-1.el8.bclinux
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Recommends: openssh-debugsource(x86-64) = 9.3p2-1.el8.bclinux
处理文件:openssh-clients-debuginfo-9.3p2-1.el8.bclinux.x86_64
Provides: debuginfo(build-id) = 33f1de0944c4fc17007f8aa277d022349d7c1096 debuginfo(build-id) = 9e3215f23de8351987a810f1f536dcf198c52d71 debuginfo(build-id) = d499a0e4b5bc043ec638ba8f74a17dd1f1cbe6e8 debuginfo(build-id) = e4c12f130614fc283662118326edc04ea43e5f3a debuginfo(build-id) = fb476c2146c33b4da382b6e57bf5aea70562346d openssh-clients-debuginfo = 9.3p2-1.el8.bclinux openssh-clients-debuginfo(x86-64) = 9.3p2-1.el8.bclinux
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Recommends: openssh-debugsource(x86-64) = 9.3p2-1.el8.bclinux
处理文件:openssh-server-debuginfo-9.3p2-1.el8.bclinux.x86_64
Provides: debuginfo(build-id) = a07f6a46821037c7999968990593c2e8c6106deb debuginfo(build-id) = fb6f867b6fbcc5c3857771072d7f68c7546682ed openssh-server-debuginfo = 9.3p2-1.el8.bclinux openssh-server-debuginfo(x86-64) = 9.3p2-1.el8.bclinux
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Recommends: openssh-debugsource(x86-64) = 9.3p2-1.el8.bclinux
处理文件:openssh-askpass-debuginfo-9.3p2-1.el8.bclinux.x86_64
Provides: debuginfo(build-id) = 7e3cb3ce5d0c49f21c9b87eca8d0a16b82aebeca openssh-askpass-debuginfo = 9.3p2-1.el8.bclinux openssh-askpass-debuginfo(x86-64) = 9.3p2-1.el8.bclinux
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Recommends: openssh-debugsource(x86-64) = 9.3p2-1.el8.bclinux
处理文件:openssh-askpass-gnome-debuginfo-9.3p2-1.el8.bclinux.x86_64
Provides: debuginfo(build-id) = 633a8f67c8b45a46b0eb497745833faa5e24b640 openssh-askpass-gnome-debuginfo = 9.3p2-1.el8.bclinux openssh-askpass-gnome-debuginfo(x86-64) = 9.3p2-1.el8.bclinux
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Recommends: openssh-debugsource(x86-64) = 9.3p2-1.el8.bclinux
检查未打包文件:/usr/lib/rpm/check-files /root/rpmbuild/BUILDROOT/openssh-9.3p2-1.el8.bclinux.x86_64
已写至:/root/rpmbuild/SRPMS/openssh-9.3p2-1.el8.bclinux.src.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-9.3p2-1.el8.bclinux.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-clients-9.3p2-1.el8.bclinux.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-server-9.3p2-1.el8.bclinux.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-askpass-9.3p2-1.el8.bclinux.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-askpass-gnome-9.3p2-1.el8.bclinux.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-debugsource-9.3p2-1.el8.bclinux.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-debuginfo-9.3p2-1.el8.bclinux.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-clients-debuginfo-9.3p2-1.el8.bclinux.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-server-debuginfo-9.3p2-1.el8.bclinux.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-askpass-debuginfo-9.3p2-1.el8.bclinux.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-askpass-gnome-debuginfo-9.3p2-1.el8.bclinux.x86_64.rpm
正在执行(%clean):/bin/sh -e /var/tmp/rpm-tmp.SgHW9F
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-9.3p2
+ rm -rf /root/rpmbuild/BUILDROOT/openssh-9.3p2-1.el8.bclinux.x86_64
+ exit 0
[root@localhost SPECS]# 

2.5 查看制作后的rpm包

查看制作完成后生成的包:
[root@localhost x86_64]# ls -lrth /root/rpmbuild/RPMS/x86_64/

[root@localhost SPECS]# ls -lrth /root/rpmbuild/RPMS/x86_64/
总用量 6.2M
-rw-r--r-- 1 root root 681K 8月   6 09:57 openssh-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root 655K 8月   6 09:57 openssh-clients-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root 484K 8月   6 09:57 openssh-server-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root  50K 8月   6 09:57 openssh-askpass-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root  31K 8月   6 09:57 openssh-askpass-gnome-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root 748K 8月   6 09:57 openssh-debugsource-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root 1.1M 8月   6 09:57 openssh-debuginfo-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root 1.5M 8月   6 09:57 openssh-clients-debuginfo-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root 921K 8月   6 09:57 openssh-server-debuginfo-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root  61K 8月   6 09:57 openssh-askpass-debuginfo-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root  42K 8月   6 09:57 openssh-askpass-gnome-debuginfo-9.3p2-1.el8.bclinux.x86_64.rpm
[root@localhost SPECS]# 

三、使用制作好的rpm包进行升级

3.1 升级前备份

##利用制作的rpm包对openssh进行升级
升级前检查rpm版本

[root@localhost SPECS]# rpm -qa|grep openssh  
openssh-clients-9.3p1-1.el8.bclinux.x86_64
openssh-9.3p1-1.el8.bclinux.x86_64
openssh-server-9.3p1-1.el8.bclinux.x86_64
[root@localhost SPECS]#

##备份配置文件
[root@localhost x86_64]# cp /etc/ssh/sshd_config /etc/ssh/sshd_config.20230806

##升级只需准备如下3个包
openssh-clients-9.3p2-1.el8.bclinux.x86_64.rpm openssh-9.3p2-1.el8.bclinux.x86_64.rpm openssh-server-9.3p2-1.el8.bclinux.x86_64.rpm

[root@localhost ~]# ls -lrt openssh-*
-rw-r--r-- 1 root root 670648 8月   6 10:03 openssh-clients-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root 696820 8月   6 10:03 openssh-9.3p2-1.el8.bclinux.x86_64.rpm
-rw-r--r-- 1 root root 495228 8月   6 10:03 openssh-server-9.3p2-1.el8.bclinux.x86_64.rpm
[root@localhost ~]# 

3.2 开始升级dnf install *.rpm

[root@localhost ~]# dnf localinstall *.rpm
无法连接BC-Linux的YUM源服务器。
上次元数据过期检查:0:29:54 前,执行于 2023年08月06日 星期日 09时37分33秒。
依赖关系解决。
======================================================================================================================================================================================================================
 软件包                                               架构                                        版本                                                        仓库                                               大小
======================================================================================================================================================================================================================
升级:
 openssh                                              x86_64                                      9.3p2-1.el8.bclinux                                         @commandline                                      680 k
 openssh-clients                                      x86_64                                      9.3p2-1.el8.bclinux                                         @commandline                                      655 k
 openssh-server                                       x86_64                                      9.3p2-1.el8.bclinux                                         @commandline                                      484 k

事务概要
======================================================================================================================================================================================================================
升级  3 软件包

总计:1.8 M
确定吗?[y/N]: y
下载软件包:
运行事务检查
事务检查成功。
运行事务测试
事务测试成功。
运行事务
  准备中  :                                                                                                                                                                                                       1/1 
  升级    : openssh-9.3p2-1.el8.bclinux.x86_64                                                                                                                                                                    1/6 
  升级    : openssh-clients-9.3p2-1.el8.bclinux.x86_64                                                                                                                                                            2/6 
  运行脚本: openssh-server-9.3p2-1.el8.bclinux.x86_64                                                                                                                                                             3/6 
  升级    : openssh-server-9.3p2-1.el8.bclinux.x86_64                                                                                                                                                             3/6 
  运行脚本: openssh-server-9.3p2-1.el8.bclinux.x86_64                                                                                                                                                             3/6 
  运行脚本: openssh-server-9.3p1-1.el8.bclinux.x86_64                                                                                                                                                             4/6 
  清理    : openssh-server-9.3p1-1.el8.bclinux.x86_64                                                                                                                                                             4/6 
  运行脚本: openssh-server-9.3p1-1.el8.bclinux.x86_64                                                                                                                                                             4/6 
  清理    : openssh-clients-9.3p1-1.el8.bclinux.x86_64                                                                                                                                                            5/6 
  清理    : openssh-9.3p1-1.el8.bclinux.x86_64                                                                                                                                                                    6/6 
  运行脚本: openssh-9.3p1-1.el8.bclinux.x86_64                                                                                                                                                                    6/6 
  验证    : openssh-9.3p2-1.el8.bclinux.x86_64                                                                                                                                                                    1/6 
  验证    : openssh-9.3p1-1.el8.bclinux.x86_64                                                                                                                                                                    2/6 
  验证    : openssh-clients-9.3p2-1.el8.bclinux.x86_64                                                                                                                                                            3/6 
  验证    : openssh-clients-9.3p1-1.el8.bclinux.x86_64                                                                                                                                                            4/6 
  验证    : openssh-server-9.3p2-1.el8.bclinux.x86_64                                                                                                                                                             5/6 
  验证    : openssh-server-9.3p1-1.el8.bclinux.x86_64                                                                                                                                                             6/6 

已升级:
  openssh-9.3p2-1.el8.bclinux.x86_64                                openssh-clients-9.3p2-1.el8.bclinux.x86_64                                openssh-server-9.3p2-1.el8.bclinux.x86_64                               

完毕!
[root@localhost ~]# 

查看ssh版本

[root@localhost ~]# ssh -V
OpenSSH_9.3p2, OpenSSL 1.1.1k  FIPS 25 Mar 2021
[root@localhost ~]# 

3.3 升级后ssh服务之后,重启ssh服务

##确认如下文件的权限为0600,如果不是,请修改为0600
[root@localhost ~]# ls -lrt /etc/ssh/ssh_host_ed25519_key  
-rw------- 1 root ssh_keys 387 4月   3 17:45 /etc/ssh/ssh_host_ed25519_key
[root@localhost ~]# 

##重启sshd服务
[root@localhost ~]# systemctl restart sshd
[root@localhost ~]# systemctl status sshd
● sshd.service - SYSV: OpenSSH server daemon
   Loaded: loaded (/etc/rc.d/init.d/sshd; generated)
   Active: active (running) since Sun 2023-08-06 10:09:36 CST; 1s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 2994907 ExecStop=/etc/rc.d/init.d/sshd stop (code=exited, status=0/SUCCESS)
  Process: 2994924 ExecStart=/etc/rc.d/init.d/sshd start (code=exited, status=0/SUCCESS)
 Main PID: 2994942 (sshd)
    Tasks: 17 (limit: 101087)
   Memory: 52.2M
   CGroup: /system.slice/sshd.service
           ├─ 303476 ./wgcloud-agent-release
           ├─2950065 sshd: sudoroot [priv]
           ├─2950067 sshd: sudoroot@pts/0,pts/1
           ├─2950068 -bash
           ├─2962229 -bash
           └─2994942 sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups

8月 06 10:09:36 localhost.localdomain sshd[2994941]: This private key will@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
8月 06 10:09:36 localhost.localdomain sshd[2994941]: @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
8月 06 10:09:36 localhost.localdomain sshd[2994941]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
8月 06 10:09:36 localhost.localdomain sshd[2994941]: Permissions 0640 for '/etc/ssh/ssh_host_ecdsa_key' are too open.
8月 06 10:09:36 localhost.localdomain sshd[2994941]: It is required that your private key files are NOT accessible by others.
8月 06 10:09:36 localhost.localdomain sshd[2994941]: This private key will be ignored.
8月 06 10:09:36 localhost.localdomain sshd[2994942]: Server listening on 0.0.0.0 port 22.
8月 06 10:09:36 localhost.localdomain sshd[2994942]: Server listening on :: port 22.
8月 06 10:09:36 localhost.localdomain sshd[2994924]: [  确定  ]
8月 06 10:09:36 localhost.localdomain systemd[1]: Started SYSV: OpenSSH server daemon.
[root@localhost ~]# 

3.4 查看ssh版本

##使用rpm查看openssh版本
[root@localhost ~]#  rpm -qa|grep openssh
openssh-server-9.3p2-1.el8.bclinux.x86_64
openssh-9.3p2-1.el8.bclinux.x86_64
openssh-clients-9.3p2-1.el8.bclinux.x86_64
[root@localhost ~]#
##使用ssh -V查看ssh版本
[root@localhost ~]# ssh -V
OpenSSH_9.3p2, OpenSSL 1.1.1k  FIPS 25 Mar 2021
[root@localhost ~]# 
08-06 11:49