Step-by-Step Guide to Upgrading OpenSSH to 8.4p1 on CentOS 7

Check the current OpenSSH version:

# ssh -V
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017

Install the required development packages if they are missing:

# rpm -qa|grep openssl-devel
openssl-devel-1.0.2k-19.el7.x86_64
# rpm -qa|grep zlib-devel
zlib-devel-1.2.7-18.el7.x86_64
# rpm -qa|grep pam-devel
pam-devel-1.1.8-23.el7.x86_64

Download the high‑version OpenSSH source package (8.4p1) from the official site:

Download URL: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/

Install and start the telnet server to test connectivity before the upgrade:

# yum -y install telnet-server
# systemctl start telnet.socket
# systemctl status telnet.socket

Test the telnet connection (ensure root login is allowed):

# telnet 192.168.100.102
Trying 192.168.100.102...
Connected to 192.168.100.102.
...

Backup the existing SSH binaries and configuration directories so you can roll back if needed:

# mv /etc/ssh /etc/sshbak
# mv /usr/bin/ssh /usr/bin/sshbak
# mv /usr/sbin/sshd /usr/sbin/sshdbak

Extract, configure, compile, and install the new OpenSSH version:

tar -zxvf openssh-8.4p1.tar.gz
cd openssh-8.4p1/
./configure --prefix=/usr --sysconfdir=/etc/ssh --without-zlib-version-check --with-pam
make
make install

Synchronize the new sshd_config with the original configuration and verify syntax: sshd -t Restart the SSH daemon and wait a few minutes for it to become active: systemctl restart sshd Confirm that you can log in normally: ssh [email protected] Check the upgraded version to ensure the update succeeded:

# ssh -V
OpenSSH_8.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017

The OpenSSH upgrade is now complete.