linux上OpenSSH权限提升漏洞（CVE-2021-41617）修复

前言：修复这个问题很简单，升级一下ssh的版本就可以了，跟着下面的操作就可以升级

1.下载对应的包

yum install -y gcc openssl-devel zlib-devel wget

2.下载ssh的升级包

mkdir /data
cd /data
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.8p1.tar.gz

3.解压编译ssh

tar xf openssh-8.8p1.tar.gz
cd /data/openssh-8.8p1
./configure &&make -j 2 &&make install

4.修改对应的配置文件

cp -r  /etc/ssh/sshd_config /etc/ssh/sshd_config_bak
\cp openssh-8.8p1/sshd_config /etc/ssh/sshd_config
sed -ri 's/^#(PermitRootLogin).*/\1 yes/g' /etc/ssh/sshd_config
sed -ri 's/^(Subsystem).*/\1 sftp \/usr\/libexec\/openssh\/sftp-server/g' /etc/ssh/sshd_config
echo "Ciphers aes128-ctr,aes192-ctr,aes256-ctr" >> /etc/ssh/sshd_config
echo 'OPTIONS="-f /etc/ssh/sshd_config"' >> /etc/sysconfig/sshd 
sed -ri 's/^(ExecStart=).*/\1\/usr\/local\/sbin\/sshd -D $OPTIONS/g' /usr/lib/systemd/system/sshd.service
sed -ri 's/^(Type=).*/\1simple/g'  /usr/lib/systemd/system/sshd.service

5.重启应用

systemctl daemon-reload
systemctl restart sshd
cp /usr/bin/ssh{,.bak}
cp /usr/local/bin/ssh /usr/bin/ssh

6.查看版本

ssh -V??