文章目录
- debian12 - openssh-9.6.P1的编译安装(真机 - 联想G480)
- 概述
- 笔记
- G480上安装debian12
- 配置debian12
- 现在用WindTerm_2.6.0按照telnet方式去连接试试
- 配置debian12中的telnet
- 安装telnet服务
- 查看所有服务
- 当前ssh, telnet状态
- 准备更新openssl3.2和openssh
- 在真机上更新openssl和openssh的实验先不做了。
- END
debian12 - openssh-9.6.P1的编译安装(真机 - 联想G480)
概述
以前做了一个实验 debian12 - openssh-9.6.P1的编译安装, 是在vmware16虚拟机上做的。
和同学讨论问题,他那做不通,最后用telnet连不上debain12.
和他实验环境的差别,我用的虚拟机,他用的真机。
那我也用真机做个实验,看看和虚拟机有啥区别。
开始用得峰(Deffad)A17G本本做实验(得峰(Deffad)A17G本本 - 安装debian12)
发现安装完,不嫩正常使用debian12. 有好多命令都会在后台挂住,执行不完。
看看手头的设备,有一台联想G480, 可以拿来做真机实验。
找了一块没用的本本硬盘120GB, 换上,用U盘装debian12.
现在安装完,看起来正常用。
准备按照前面做过的笔记, 来配置debian12, 编译Openssl3.2,openssh, 并更新,看看从局域网ssh连接真机上的debian12, 看看是否正常。
笔记
G480上安装debian12
这步没遇到啥问题,正常安装就ok了。
电源线找不到了,我自己用插头 + 开关电源弄的。 DC20V
将 debian-12.4.0-amd64-DVD-1.iso,用ultraISO"写入硬盘镜像"写入的ISO的U盘启动盘做好
G480的BIOS设置为U盘启动优先,插入U盘,按照提示安装debian12,只从U盘中安装,从默认设置上,多选一个SSH服务器。
安装时,网络选有线网络。
安装完成后,拔掉U盘,安装过程结束,计算机重启。
安装完后,将无线wifi的密码设置好。
现在真机本本有2个IP:
有线的网络端口 IP = 192.168.1.5
无线的IP = 192.168.1.3
配置debian12
以前做好了笔记debian12.4配置
按照这个笔记,先将刚安装完的debian12先配置一下。
就用默认的ssh, 查看状态,ssh是在运行的。
在win10中,用WindTerm_2.6.0按照ssh去连接真机上的debian12, 给了IP, 用户名,口令,是可以连上的。
在WindTerm_2.6.0命令行中看debian12自带的openSSH版本为9.2P1
查看ssh服务状态。
现在用WindTerm_2.6.0按照telnet方式去连接试试
telnet 用的是23端口。
这是我没改的状态,就是安装完原装的组件。
用telnet连上去,马上就会被踢掉。
可以看到,还要在debian12中配置telnet,而不是说ssh服务有问题。
配置debian12中的telnet
用WindTerm_2.6.0按照ssh连接192.168.1.5
sudo apt-get install telnetd-ssl
sudo apt-get install telnet
sudo apt-get install xinetd
已经以上3步,已经存在 /usr/sbin/in.telnetd
增加配置文件 /etc/xinetd.d/telnet, 经过以上3步,并没有这个文件,需要自己增加
sudo vi /etc/xinetd.d/telnet
内容如下
service telnet
{ disable = no flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin/in.telnetd server_args = -h log_on_failure += USERID
}
安装telnet服务
sudo systemctl status xinetd
# 看到xinetd服务在运行。sudo systemctl restart xinetd
sudo systemctl status xinetd
看到telnet服务bind失败,应该是有程序已经启动了telnet-server
这时,用WindTerm_2.6.0按照telnet方式连接192.168.1.3,给定用户名为root, 给出口令后,登录成功。
看资料,用SSH比用telnet好,因为SSH会对内容进行加密,而telent直接传明文。现在telnet服务已经起来了,就不管了。
查看所有服务
# 查看所有服务
systemctl list-units --all --type=serviceroot@debian12:~# systemctl list-units --all --type=serviceUNIT LOAD ACTIVE SUB DESCRIPTION >accounts-daemon.service loaded active running Accounts Servicealsa-restore.service loaded active exited Save/Restore Sound Card Statealsa-state.service loaded inactive dead Manage Sound Card State (restore and store)anacron.service loaded inactive dead Run anacron jobsapparmor.service loaded active exited Load AppArmor profilesapt-daily-upgrade.service loaded inactive dead Daily apt upgrade and clean activitiesapt-daily.service loaded inactive dead Daily apt download activities
* auditd.service not-found inactive dead auditd.service
* auto-cpufreq.service not-found inactive dead auto-cpufreq.serviceavahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stackcolord.service loaded active running Manage, Install and Generate Color Profiles
* connman.service not-found inactive dead connman.service
* console-screen.service not-found inactive dead console-screen.serviceconsole-setup.service loaded active exited Set console font and keymapcron.service loaded active running Regular background program processing daemoncups-browsed.service loaded active running Make remote CUPS printers available locallycups.service loaded active running CUPS Schedulerdbus.service loaded active running D-Bus System Message Busdpkg-db-backup.service loaded inactive dead Daily dpkg database backup servicee2scrub_all.service loaded inactive dead Online ext4 Metadata Check for All Filesystemse2scrub_reap.service loaded inactive dead Remove Stale Online ext4 Metadata Check Snapshotsemergency.service loaded inactive dead Emergency Shellfstrim.service loaded inactive dead Discard unused blocks on filesystems from /etc/fstabfwupd-refresh.service loaded inactive dead Refresh fwupd metadata and update motdfwupd.service loaded active running Firmware update daemongdm.service loaded active running GNOME Display Managergetty-static.service loaded inactive dead getty on tty2-tty6 if dbus and logind are not availa>getty@tty1.service loaded inactive dead Getty on tty1ifupdown-pre.service loaded active exited Helper to synchronize boot up for ifupdowninitrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemonsinitrd-parse-etc.service loaded inactive dead Mountpoints Configured in the Real Rootinitrd-switch-root.service loaded inactive dead Switch Rootinitrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udev Database
* kbd.service not-found inactive dead kbd.servicekeyboard-setup.service loaded active exited Set the console keyboard layoutkmod-static-nodes.service loaded active exited Create List of Static Device Nodeslogrotate.service loaded inactive dead Rotate log fileslow-memory-monitor.service loaded active running Low Memory Monitorman-db.service loaded inactive dead Daily man-db regenerationModemManager.service loaded active running Modem Managermodprobe@configfs.service loaded inactive dead Load Kernel Module configfsmodprobe@dm_mod.service loaded inactive dead Load Kernel Module dm_modmodprobe@drm.service loaded inactive dead Load Kernel Module drmmodprobe@efi_pstore.service loaded inactive dead Load Kernel Module efi_pstoremodprobe@fuse.service loaded inactive dead Load Kernel Module fusemodprobe@loop.service loaded inactive dead Load Kernel Module loopnetworking.service loaded active exited Raise network interfacesNetworkManager-wait-online.service loaded active exited Network Manager Wait OnlineNetworkManager.service loaded active running Network Manager
* nslcd.service not-found inactive dead nslcd.servicepackagekit.service loaded active running PackageKit Daemonplymouth-quit-wait.service loaded active exited Hold until boot process finishes upplymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screenplymouth-read-write.service loaded active exited Tell Plymouth To Write Out Runtime Dataplymouth-start.service loaded active exited Show Plymouth Boot Screenplymouth-switch-root.service loaded inactive dead Plymouth switch root servicepolkit.service loaded active running Authorization Managerpower-profiles-daemon.service loaded active running Power Profiles daemonrc-local.service loaded inactive dead /etc/rc.local Compatibilityrescue.service loaded inactive dead Rescue Shellrsyslog.service loaded active running System Logging Servicertkit-daemon.service loaded active running RealtimeKit Scheduling Policy Servicessh.service loaded active running OpenBSD Secure Shell serverswitcheroo-control.service loaded active running Switcheroo Control Proxy service
* system76-power.service not-found inactive dead system76-power.servicesystemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Consolesystemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouthsystemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wallsystemd-backlight@backlight:intel_backlight.service loaded active exited Load/Save Screen Backlight Brightness of backlight:i>systemd-binfmt.service loaded active exited Set Up Additional Binary Formatssystemd-firstboot.service loaded inactive dead First Boot Wizardsystemd-fsck-root.service loaded inactive dead File System Check on Root Devicesystemd-fsck@dev-disk-by\x2duuid-EEAA\x2d0AFD.service loaded active exited File System Check on /dev/disk/by-uuid/EEAA-0AFDsystemd-fsckd.service loaded inactive dead File System Check Daemon to report status
* systemd-hwdb-update.service not-found inactive dead systemd-hwdb-update.servicesystemd-initctl.service loaded inactive dead initctl Compatibility Daemonsystemd-journal-flush.service loaded active exited Flush Journal to Persistent Storagesystemd-journald.service loaded active running Journal Servicesystemd-logind.service loaded active running User Login Managementsystemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disksystemd-modules-load.service loaded active exited Load Kernel Modulessystemd-networkd.service loaded inactive dead Network Configuration
* systemd-oomd.service not-found inactive dead systemd-oomd.servicesystemd-pcrphase-initrd.service loaded inactive dead TPM2 PCR Barrier (initrd)systemd-pcrphase-sysinit.service loaded inactive dead TPM2 PCR Barrier (Initialization)systemd-pcrphase.service loaded inactive dead TPM2 PCR Barrier (User)systemd-pstore.service loaded inactive dead Platform Persistent Storage Archivalsystemd-quotacheck.service loaded inactive dead File System Quota Checksystemd-random-seed.service loaded active exited Load/Save Random Seedsystemd-remount-fs.service loaded active exited Remount Root and Kernel File Systemssystemd-repart.service loaded inactive dead Repartition Root Disksystemd-rfkill.service loaded inactive dead Load/Save RF Kill Switch Statussystemd-sysctl.service loaded active exited Apply Kernel Variablessystemd-sysext.service loaded inactive dead Merge System Extension Images into /usr/ and /opt/systemd-sysusers.service loaded active exited Create System Userssystemd-timesyncd.service loaded active running Network Time Synchronizationsystemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directoriessystemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /devsystemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directoriessystemd-udev-settle.service loaded inactive dead Wait for udev To Complete Device Initializationsystemd-udev-trigger.service loaded active exited Coldplug All udev Devicessystemd-udevd.service loaded active running Rule-based Manager for Device Events and Files
* systemd-update-done.service not-found inactive dead systemd-update-done.servicesystemd-update-utmp-runlevel.service loaded inactive dead Record Runlevel Change in UTMPsystemd-update-utmp.service loaded active exited Record System Boot/Shutdown in UTMPsystemd-user-sessions.service loaded active exited Permit User Sessions
* systemd-vconsole-setup.service not-found inactive dead systemd-vconsole-setup.service
* tuned.service not-found inactive dead tuned.serviceudisks2.service loaded active running Disk Managerupower.service loaded active running Daemon for power managementuser-runtime-dir@0.service loaded active exited User Runtime Directory /run/user/0user-runtime-dir@1000.service loaded active exited User Runtime Directory /run/user/1000user@0.service loaded active running User Manager for UID 0user@1000.service loaded active running User Manager for UID 1000wpa_supplicant.service loaded active running WPA supplicantxinetd.service loaded active running LSB: Starts or stops the xinetd daemon.LOAD = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB = The low-level unit activation state, values depend on unit type.
116 loaded units listed.
To show all installed unit files use 'systemctl list-unit-files'.
当前ssh, telnet状态
当前真机有2个网络连接,1个有限网口(IP = 192.168.1.5),一个wifi网口(IP = 192.168.1.3)
现在用WindTerm_2.6.0按照ssh方式连接192.168.1.5成功
现在用WindTerm_2.6.0按照telnet方式连接192.168.1.3成功
经过以上2条的验证,可知,当前用debian12原版的软件包,配置后,ssh和telnet都正常。
准备更新openssl3.2和openssh
跟同学讨论问题,他一直拿telnet来说不好使, 而不说openssh是否好使。而我可以确定的是,我提供的更新方法可以让openssh正常更新到openssl3.2,使ssh操作都是用新版的openssl3.2
我现在有点明白了,要用telnet正常,更新的应该是telnet-ssl或者telnet-server, 而不是openssh.因为我实验没做完,不敢肯定telnet正常用时,要更新哪个。但是我可以确定,更新的一定不是openssh
只有用ssh, 才需要更新openssl3.2和opennssh9.6.
在真机上更新openssl和openssh的实验先不做了。
感觉不是真机和虚拟机的区别。
从问题的分析结果看,telnet更新openssl后不好使,是因为telnet-server没更新。
等以后想在真机上更新openssl和openssh时,就照着以前的笔记来,如果(真机和虚拟机)真有区别,再更新笔记。
debian12 - openssh-9.6.P1的编译安装
