内容纲要
CVE-2024-6387(Ubuntu修复方法)
只影响8.5p1 <= OpenSSH < 9.8p1
安装编译依赖
sudo apt-get update
sudo apt-get install -y build-essential zlib1g-dev libssl-dev下载指定版本源码
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz解压并进入目录
tar -xzf openssh-9.8p1.tar.gz
cd openssh-9.8p1编译和安装
./configure
make
sudo make install启动并检查安装
sudo systemctl restart ssh
ssh -V完整修复脚本保存为xf.sh chmod 777 xf.sh | ./xf.sh
#!/bin/bash
# 更新包列表
echo "更新包列表..."
sudo apt-get update
# 安装编译依赖
echo "安装编译依赖..."
sudo apt-get install -y build-essential zlib1g-dev libssl-dev
# 下载指定版本源码
echo "下载OpenSSH 9.8p1源码..."
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz
# 解压并进入目录
echo "解压OpenSSH 9.8p1源码..."
tar -xzf openssh-9.8p1.tar.gz
cd openssh-9.8p1
# 编译和安装
echo "编译和安装OpenSSH 9.8p1..."
./configure
make
sudo make install
# 启动并检查安装
echo "重启SSH服务并检查安装..."
sudo systemctl restart ssh
ssh -V
echo "OpenSSH 9.8p1 安装完成并成功启动。-By muyuanhuck.cn"
Comments NOTHING