文章目录
- debian12 - openssh-9.6.P1的编译安装(真机 - 联想G480)
- 概述
- 笔记
- G480上安装debian12
- 配置debian12
- 现在用WindTerm_2.6.0按照telnet方式去连接试试
- 配置debian12中的telnet
- 安装telnet服务
- 查看所有服务
- 当前ssh, telnet状态
- 准备更新openssl3.2和openssh
- 在真机上更新openssl和openssh的实验先不做了。
- END
debian12 - openssh-9.6.P1的编译安装(真机 - 联想G480)
概述
以前做了一个实验 debian12 - openssh-9.6.P1的编译安装, 是在vmware16虚拟机上做的。
和同学讨论问题,他那做不通,最后用telnet连不上debain12.
和他实验环境的差别,我用的虚拟机,他用的真机。
那我也用真机做个实验,看看和虚拟机有啥区别。
开始用得峰(Deffad)A17G本本做实验(得峰(Deffad)A17G本本 - 安装debian12)
发现安装完,不嫩正常使用debian12. 有好多命令都会在后台挂住,执行不完。
看看手头的设备,有一台联想G480, 可以拿来做真机实验。
找了一块没用的本本硬盘120GB, 换上,用U盘装debian12.
现在安装完,看起来正常用。
准备按照前面做过的笔记, 来配置debian12, 编译Openssl3.2,openssh, 并更新,看看从局域网ssh连接真机上的debian12, 看看是否正常。
笔记
G480上安装debian12
这步没遇到啥问题,正常安装就ok了。
电源线找不到了,我自己用插头 + 开关电源弄的。 DC20V
将 debian-12.4.0-amd64-DVD-1.iso,用ultraISO"写入硬盘镜像"写入的ISO的U盘启动盘做好
G480的BIOS设置为U盘启动优先,插入U盘,按照提示安装debian12,只从U盘中安装,从默认设置上,多选一个SSH服务器。
安装时,网络选有线网络。
安装完成后,拔掉U盘,安装过程结束,计算机重启。
安装完后,将无线wifi的密码设置好。
现在真机本本有2个IP:
有线的网络端口 IP = 192.168.1.5
无线的IP = 192.168.1.3
配置debian12
以前做好了笔记debian12.4配置
按照这个笔记,先将刚安装完的debian12先配置一下。
就用默认的ssh, 查看状态,ssh是在运行的。
在win10中,用WindTerm_2.6.0按照ssh去连接真机上的debian12, 给了IP, 用户名,口令,是可以连上的。
在WindTerm_2.6.0命令行中看debian12自带的openSSH版本为9.2P1
查看ssh服务状态。
现在用WindTerm_2.6.0按照telnet方式去连接试试
telnet 用的是23端口。
这是我没改的状态,就是安装完原装的组件。
用telnet连上去,马上就会被踢掉。
可以看到,还要在debian12中配置telnet,而不是说ssh服务有问题。
配置debian12中的telnet
用WindTerm_2.6.0按照ssh连接192.168.1.5
sudo apt-get install telnetd-ssl
sudo apt-get install telnet
sudo apt-get install xinetd
已经以上3步,已经存在 /usr/sbin/in.telnetd
增加配置文件 /etc/xinetd.d/telnet, 经过以上3步,并没有这个文件,需要自己增加
sudo vi /etc/xinetd.d/telnet
内容如下
service telnet
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
server_args = -h
log_on_failure += USERID
}
安装telnet服务
sudo systemctl status xinetd
# 看到xinetd服务在运行。
sudo systemctl restart xinetd
sudo systemctl status xinetd
看到telnet服务bind失败,应该是有程序已经启动了telnet-server
这时,用WindTerm_2.6.0按照telnet方式连接192.168.1.3,给定用户名为root, 给出口令后,登录成功。
看资料,用SSH比用telnet好,因为SSH会对内容进行加密,而telent直接传明文。
现在telnet服务已经起来了,就不管了。
查看所有服务
# 查看所有服务
systemctl list-units --all --type=service
root@debian12:~# systemctl list-units --all --type=service
UNIT LOAD ACTIVE SUB DESCRIPTION >
accounts-daemon.service loaded active running Accounts Service
alsa-restore.service loaded active exited Save/Restore Sound Card State
alsa-state.service loaded inactive dead Manage Sound Card State (restore and store)
anacron.service loaded inactive dead Run anacron jobs
apparmor.service loaded active exited Load AppArmor profiles
apt-daily-upgrade.service loaded inactive dead Daily apt upgrade and clean activities
apt-daily.service loaded inactive dead Daily apt download activities
* auditd.service not-found inactive dead auditd.service
* auto-cpufreq.service not-found inactive dead auto-cpufreq.service
avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack
colord.service loaded active running Manage, Install and Generate Color Profiles
* connman.service not-found inactive dead connman.service
* console-screen.service not-found inactive dead console-screen.service
console-setup.service loaded active exited Set console font and keymap
cron.service loaded active running Regular background program processing daemon
cups-browsed.service loaded active running Make remote CUPS printers available locally
cups.service loaded active running CUPS Scheduler
dbus.service loaded active running D-Bus System Message Bus
dpkg-db-backup.service loaded inactive dead Daily dpkg database backup service
e2scrub_all.service loaded inactive dead Online ext4 Metadata Check for All Filesystems
e2scrub_reap.service loaded inactive dead Remove Stale Online ext4 Metadata Check Snapshots
emergency.service loaded inactive dead Emergency Shell
fstrim.service loaded inactive dead Discard unused blocks on filesystems from /etc/fstab
fwupd-refresh.service loaded inactive dead Refresh fwupd metadata and update motd
fwupd.service loaded active running Firmware update daemon
gdm.service loaded active running GNOME Display Manager
getty-static.service loaded inactive dead getty on tty2-tty6 if dbus and logind are not availa>
getty@tty1.service loaded inactive dead Getty on tty1
ifupdown-pre.service loaded active exited Helper to synchronize boot up for ifupdown
initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons
initrd-parse-etc.service loaded inactive dead Mountpoints Configured in the Real Root
initrd-switch-root.service loaded inactive dead Switch Root
initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udev Database
* kbd.service not-found inactive dead kbd.service
keyboard-setup.service loaded active exited Set the console keyboard layout
kmod-static-nodes.service loaded active exited Create List of Static Device Nodes
logrotate.service loaded inactive dead Rotate log files
low-memory-monitor.service loaded active running Low Memory Monitor
man-db.service loaded inactive dead Daily man-db regeneration
ModemManager.service loaded active running Modem Manager
modprobe@configfs.service loaded inactive dead Load Kernel Module configfs
modprobe@dm_mod.service loaded inactive dead Load Kernel Module dm_mod
modprobe@drm.service loaded inactive dead Load Kernel Module drm
modprobe@efi_pstore.service loaded inactive dead Load Kernel Module efi_pstore
modprobe@fuse.service loaded inactive dead Load Kernel Module fuse
modprobe@loop.service loaded inactive dead Load Kernel Module loop
networking.service loaded active exited Raise network interfaces
NetworkManager-wait-online.service loaded active exited Network Manager Wait Online
NetworkManager.service loaded active running Network Manager
* nslcd.service not-found inactive dead nslcd.service
packagekit.service loaded active running PackageKit Daemon
plymouth-quit-wait.service loaded active exited Hold until boot process finishes up
plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen
plymouth-read-write.service loaded active exited Tell Plymouth To Write Out Runtime Data
plymouth-start.service loaded active exited Show Plymouth Boot Screen
plymouth-switch-root.service loaded inactive dead Plymouth switch root service
polkit.service loaded active running Authorization Manager
power-profiles-daemon.service loaded active running Power Profiles daemon
rc-local.service loaded inactive dead /etc/rc.local Compatibility
rescue.service loaded inactive dead Rescue Shell
rsyslog.service loaded active running System Logging Service
rtkit-daemon.service loaded active running RealtimeKit Scheduling Policy Service
ssh.service loaded active running OpenBSD Secure Shell server
switcheroo-control.service loaded active running Switcheroo Control Proxy service
* system76-power.service not-found inactive dead system76-power.service
systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console
systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth
systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall
systemd-backlight@backlight:intel_backlight.service loaded active exited Load/Save Screen Backlight Brightness of backlight:i>
systemd-binfmt.service loaded active exited Set Up Additional Binary Formats
systemd-firstboot.service loaded inactive dead First Boot Wizard
systemd-fsck-root.service loaded inactive dead File System Check on Root Device
systemd-fsck@dev-disk-by\x2duuid-EEAA\x2d0AFD.service loaded active exited File System Check on /dev/disk/by-uuid/EEAA-0AFD
systemd-fsckd.service loaded inactive dead File System Check Daemon to report status
* systemd-hwdb-update.service not-found inactive dead systemd-hwdb-update.service
systemd-initctl.service loaded inactive dead initctl Compatibility Daemon
systemd-journal-flush.service loaded active exited Flush Journal to Persistent Storage
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running User Login Management
systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk
systemd-modules-load.service loaded active exited Load Kernel Modules
systemd-networkd.service loaded inactive dead Network Configuration
* systemd-oomd.service not-found inactive dead systemd-oomd.service
systemd-pcrphase-initrd.service loaded inactive dead TPM2 PCR Barrier (initrd)
systemd-pcrphase-sysinit.service loaded inactive dead TPM2 PCR Barrier (Initialization)
systemd-pcrphase.service loaded inactive dead TPM2 PCR Barrier (User)
systemd-pstore.service loaded inactive dead Platform Persistent Storage Archival
systemd-quotacheck.service loaded inactive dead File System Quota Check
systemd-random-seed.service loaded active exited Load/Save Random Seed
systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems
systemd-repart.service loaded inactive dead Repartition Root Disk
systemd-rfkill.service loaded inactive dead Load/Save RF Kill Switch Status
systemd-sysctl.service loaded active exited Apply Kernel Variables
systemd-sysext.service loaded inactive dead Merge System Extension Images into /usr/ and /opt/
systemd-sysusers.service loaded active exited Create System Users
systemd-timesyncd.service loaded active running Network Time Synchronization
systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories
systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev
systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories
systemd-udev-settle.service loaded inactive dead Wait for udev To Complete Device Initialization
systemd-udev-trigger.service loaded active exited Coldplug All udev Devices
systemd-udevd.service loaded active running Rule-based Manager for Device Events and Files
* systemd-update-done.service not-found inactive dead systemd-update-done.service
systemd-update-utmp-runlevel.service loaded inactive dead Record Runlevel Change in UTMP
systemd-update-utmp.service loaded active exited Record System Boot/Shutdown in UTMP
systemd-user-sessions.service loaded active exited Permit User Sessions
* systemd-vconsole-setup.service not-found inactive dead systemd-vconsole-setup.service
* tuned.service not-found inactive dead tuned.service
udisks2.service loaded active running Disk Manager
upower.service loaded active running Daemon for power management
user-runtime-dir@0.service loaded active exited User Runtime Directory /run/user/0
user-runtime-dir@1000.service loaded active exited User Runtime Directory /run/user/1000
user@0.service loaded active running User Manager for UID 0
user@1000.service loaded active running User Manager for UID 1000
wpa_supplicant.service loaded active running WPA supplicant
xinetd.service loaded active running LSB: Starts or stops the xinetd daemon.
LOAD = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB = The low-level unit activation state, values depend on unit type.
116 loaded units listed.
To show all installed unit files use 'systemctl list-unit-files'.
当前ssh, telnet状态
当前真机有2个网络连接,1个有限网口(IP = 192.168.1.5),一个wifi网口(IP = 192.168.1.3)
现在用WindTerm_2.6.0按照ssh方式连接192.168.1.5成功
现在用WindTerm_2.6.0按照telnet方式连接192.168.1.3成功
经过以上2条的验证,可知,当前用debian12原版的软件包,配置后,ssh和telnet都正常。
准备更新openssl3.2和openssh
跟同学讨论问题,他一直拿telnet来说不好使, 而不说openssh是否好使。而我可以确定的是,我提供的更新方法可以让openssh正常更新到openssl3.2,使ssh操作都是用新版的openssl3.2
我现在有点明白了,要用telnet正常,更新的应该是telnet-ssl或者telnet-server, 而不是openssh.因为我实验没做完,不敢肯定telnet正常用时,要更新哪个。但是我可以确定,更新的一定不是openssh
只有用ssh, 才需要更新openssl3.2和opennssh9.6.
在真机上更新openssl和openssh的实验先不做了。
感觉不是真机和虚拟机的区别。
从问题的分析结果看,telnet更新openssl后不好使,是因为telnet-server没更新。
等以后想在真机上更新openssl和openssh时,就照着以前的笔记来,如果(真机和虚拟机)真有区别,再更新笔记。
debian12 - openssh-9.6.P1的编译安装
