Upgrade OpenSSH to 7.3p1 in Cent OS 6

upgrade-openssh-7.3p1-centos-6.7.sh

#!/bin/bash
# Copyright © 2016 Faishal Saiyed
cd
timestamp=$(date +%s)
if [ ! -f openssh-7.3.zip ]; then wget https://github.com/faishal/openssh-portable/releases/download/cent.os.6.7.openssh.7.3p1/openssh-7.3.zip; fi;
unzip -o openssh-7.3.zip -d openssh-7.3p1
cd openssh-7.3p1/
cp /etc/pam.d/sshd pam-ssh-conf-$timestamp
rpm -U *.rpm
yes | cp pam-ssh-conf-$timestamp /etc/pam.d/sshd
/etc/init.d/sshd restart

Awesome! I can confirm this works on CentOS 6.8 as well, thank you for the script. Did you build those RPMs yourself? I'd like to try a similar script to upgrade to OpenSSH-7.4p1 but that version requires OpenSSL-1.0.2k which isn't on the repos for CentOS 6.8 - I'm going to investigate this. Let me know if you have any ideas.

This is awesome. you inspired me to develop the same in future

Good work! OpenSSH-7.3p1 upgrade is working in centos 7 also.

Can you provide me script for OpenSSH-7.4p1 upgrade in centos7,

Small help for installing openssh7.5p1(latest) https://github.com/JESWINKNINAN/upgrade-openssh-7.5p1-centos

Worked beautifully on CENTOS 6.8. Thank you! It might be helpful to others to note that, at least in my case, when I ran the script to upgrade, it reset the PermitRootLogin to NO. When I restarted the sshd and logged out, it would not let me login again as root. You might want to edit /etc/ssh/sshd_config and set PermitRootLogin to yes if you login as root and want to get back in BEFORE you logout!

Arrrrgh!!!!! although this script works, running it will break any php scripts which communicate over ssh with the following error:

ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys...

I can only assume that is because libssh is not updated at the same time.
Does anyone know how I can go about fixing my now broken setup. ie how to install/upgrade the correct version of libssh for use with php

this is great...does anyone have procedure to upgrade openssh to 7.4? my linux is below
[root@mse1-co-cdom local]# cat /etc/redhat-release
CentOS release 6.10 (Final)

PERFECT! I was able to update openssh on CENTOS 6.8 on AWS!!

Hi,
FYI I just tried with CENTOS 6.9, and it has a problem with the dependency:
./upgrade-openssh.sh Archive: openssh-7.3.zip inflating: openssh-7.3p1/openssh-7.3p1-1.x86_64.rpm inflating: openssh-7.3p1/__MACOSX/._openssh-7.3p1-1.x86_64.rpm inflating: openssh-7.3p1/openssh-clients-7.3p1-1.x86_64.rpm inflating: openssh-7.3p1/__MACOSX/._openssh-clients-7.3p1-1.x86_64.rpm inflating: openssh-7.3p1/openssh-debuginfo-7.3p1-1.x86_64.rpm inflating: openssh-7.3p1/__MACOSX/._openssh-debuginfo-7.3p1-1.x86_64.rpm inflating: openssh-7.3p1/openssh-server-7.3p1-1.x86_64.rpm inflating: openssh-7.3p1/__MACOSX/._openssh-server-7.3p1-1.x86_64.rpm error: Failed dependencies: openssh = 5.3p1-123.el6_9 is needed by (installed) openssh-askpass-5.3p1-123.el6_9.x86_64 Stopping sshd: [ OK ] Starting sshd: [ OK ]

The thing I don't understand is that there appears to be the correct openssh already installed, so why is that dependency failing?

rpm -qa | grep openssh openssh-clients-5.3p1-123.el6_9.x86_64 openssh-askpass-5.3p1-123.el6_9.x86_64 openssh-5.3p1-123.el6_9.x86_64 openssh-server-5.3p1-123.el6_9.x86_64

Thanks,
Jim

Not suggesting anything here, but I would be cautions install openssh from anything that is not the formal openssh mirrors.

Avner,
That is a well-taken caution - thx for the reminder!

Hi faishal, I changed this script into ansible. when rpm -U *.rpm my machine went unreachable. I can't go to the machine. Can you help me out?

Do not follow @sivasshankar4s script I made a test and it changes my root password... Dude trying to hack with his work luckily I made this on a test VM.

Do not follow @sivasshankar4s script I made a test and it changes my root password... Dude trying to hack with his work luckily I made this on a test VM.

Thanks for reporting this.

Hi Faishal, I need 7.4p1 for Centos 6.10. Can you please help?

awesome script! thanks a lot!!