# CVE-2024-6387fixshell
只影响8.5p1 <= OpenSSH < 9.8p1
#### 安装编译依赖
```
sudo apt-get update
sudo apt-get install -y build-essential zlib1g-dev libssl-dev
```
#### 下载指定版本源码
```
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz
```
#### 解压并进入目录
```
tar -xzf openssh-9.8p1.tar.gz
cd openssh-9.8p1
```
#### 编译和安装
```
./configure
make
sudo make install
```
#### 启动并检查安装
```
sudo systemctl restart ssh
ssh -V
```
完整修复脚本保存为fix.sh chmod 777 fix.sh | ./fix.sh
```
#!/bin/bash
# 更新包列表
echo "更新包列表..."
sudo apt-get update
# 安装编译依赖
echo "安装编译依赖..."
sudo apt-get install -y build-essential zlib1g-dev libssl-dev
# 下载指定版本源码
echo "下载OpenSSH 9.8p1源码..."
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz
# 解压并进入目录
echo "解压OpenSSH 9.8p1源码..."
tar -xzf openssh-9.8p1.tar.gz
cd openssh-9.8p1
# 编译和安装
echo "编译和安装OpenSSH 9.8p1..."
./configure
make
sudo make install
# 启动并检查安装
echo "重启SSH服务并检查安装..."
sudo systemctl restart ssh
ssh -V
echo "OpenSSH 9.8p1 安装完成并成功启动。-By muyuanhuck.cn"
```
[4.0K] /data/pocs/e4cdd1b8cc5202d968d203eab477db75d04feaff
├── [ 687] fix.sh
└── [1.3K] README.md
0 directories, 2 files