./configure --prefix=/opt --sysconfdir=/etc/ssh make && make install
# ssh -V OpenSSH_7.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013 [root@centos7 ssh]#
/usr/sbin/sshd -t -f /etc/ssh/sshd_config
chmod 600 /etc/ssh/ssh_host_ed25519_key chmod 600 /etc/ssh/ssh_host_rsa_key chmod 600 /etc/ssh/ssh_host_ecdsa_key
/etc/ssh/sshd_config line 94: Unsupported option GSSAPIAuthentication /etc/ssh/sshd_config line 95: Unsupported option GSSAPICleanupCredentials /etc/ssh/sshd_config line 111: Unsupported option UsePAM
Thanks @Richard GIf available for Centos 7 you use this command in a shell (SSH as root):
And it will update everything. If you only want openssh and openssl updated you can use "yum update openssl openssh".
If not available, wait until Centos has fixed it. It's possible to build from fedora rpm's but I would not advise that.
Yes, provided there is an openssl update present. It also present an update for openssl-devel if present too.So "yum update openssl" will updated automatically in Cent OS7?
[root@srv: /etc]# yum update openssl CentOS-8 - AppStream 86 kB/s | 4.3 kB 00:00 CentOS-8 - Base 1.1 MB/s | 3.9 kB 00:00 CentOS-8 - Extras 3.5 kB/s | 1.5 kB 00:00 CentOS-8 - PowerTools 21 kB/s | 4.3 kB 00:00 Extra Packages for Enterprise Linux Modular 8 - x86_64 34 kB/s | 33 kB 00:00 Extra Packages for Enterprise Linux 8 - x86_64 69 kB/s | 34 kB 00:00 Dependencies resolved. ====================================================================================================================================================== Package Architecture Version Repository Size ====================================================================================================================================================== Upgrading: openssl x86_64 1:1.1.1c-15.el8 BaseOS 697 k openssl-devel x86_64 1:1.1.1c-15.el8 BaseOS 2.3 M openssl-libs x86_64 1:1.1.1c-15.el8 BaseOS 1.5 M Transaction Summary ====================================================================================================================================================== Upgrade 3 Packages Total download size: 4.4 M Is this ok [y/N]:
Yes it does (as you could see from the openssh update), but I specifically wrote "provided there is an openssl update present" and at this moment there is no newer Openssl for Centos 7.OpenSSL doesn't update using this in CentOS7
Thanks you very much Ricard GYes it does (as you could see from the openssh update), but I specifically wrote "provided there is an openssl update present" and at this moment there is no newer Openssl for Centos 7.
So if you want to use a newer openssl version on Centos 7, this is not possible, or you have to do something like mentioned in the thread you pointed to. However use at your own risk!
Thanks you very much, Brent for the answerRichard is correct. Centos do bug fixes for that main level in general. You have to move up to Centos 8 to get higher through RPM. Updating OpenSSL through the source is not really a standard process. Like Richard, I would rather move up in OS release than do some custom Source process.