How to upgrade OpenSSH on CentOS 5


If want your server to pass the PCI DSS scan then you will need the latest version OpenSSH. But the CentOS 5 repos doesn’t contain the latest version of OpenSSH. So will have to create your own rpm and install it.

First of all install the rpmbuild tools

yum install rpm-build gcc make

Then download the latest version from

tar zxvf openssh-6.5p1.tar.gz

Copy the files to specific folders. Create the folders if they don’t exist.

cp ./openssh-6.5p1/contrib/redhat/openssh.spec /usr/src/redhat/SPECS/
cp openssh-5.8p1.tar.gz /usr/src/redhat/SOURCES/

Now disable the x11-askpas and gnome-askpass as we don’t require it. Edit /usr/src/redhat/SPECS/openssh.spec and set below values

# Do we want to disable building of x11-askpass? (1=yes 0=no)
%define no_x11_askpass 1

# Do we want to disable building of gnome-askpass? (1=yes 0=no)
%define no_gnome_askpass 1

Now build the rpm

cd /usr/src/redhat/SPECS
rpmbuild -bb openssh.spec

Above commands will create the rpm in /usr/src/redhat/RPMS/ folder. Go ahead and install them

cd /usr/src/redhat/RPMS/x86_64/
rpm -Uvh *.rpm

And it’s done. You can check the SSH version using command “ssh -V”


Sreejit is the founder of Server Management Plus. He has created a lots of automation scripts for the company using which we are able to resolve issue at an extremely fast rate and save lots of time. He has a very keen interest in new technologies and spend most of his free time online researching about it apart from listening music and watching movies.

14 thoughts on “How to upgrade OpenSSH on CentOS 5”

  1. Hello,

    I am following steps mentioned to upgrade openssh.
    But one of the step is following.
    cp openssh-5.8p1.tar.gz /usr/src/redhat/SOURCES/

    my question is how did we get openssh-5.8p1.tar.gz ?


    1. You have to download it from as mentioned it in above steps.

  2. Hi, could you help me, after rebuilding I have got next files:
    ls -l

    But when I want to install this rpm, I get an error:

    # rpm -Uvh *.rpm
    error: Failed dependencies:
    openssh = 5.3p1-81.el6 is needed by (installed) openssh-askpass-5.3p1-81.el6.x86_64

  3. excellent information,
    we update my ssh version on centOS Server.
    Thanks for your kindly efforts!!!

  4. After a successful OpenSSH 6.6P1 upgrade, i am not able to ssh to the system . Its giving me Permission denied error. Any Idea why this happening.
    Got really frustrated with this issue. Even for root, this permission denied error is coming. I have googled at lot but couldnt find a solution still. Please help.

    Thanks in advance.

    1. I can’t say anything for sure. Login to console and check the /var/log/secure and /var/log/messages for the exact reason.

    2. I encountered exactly the same issue. After upgrading to ssh6.5p1 on a RHEL 6.5, I was no longer to be able to login, even with root. Is there a quick work-around or some tricks to have it resolved?


    3. I figured it out.

      After updating sshd, the /etc/pam.d/sshd file got messed up. After changing the settings, it is working now.

  5. CER TXG: Please i want to know what settings exactly that you changed that made it to start working becuase i am having same problem here

  6. I had issues logging in after upgrade, but replacing contents in /etc/pam.d/sshd


    #auth required service=system-auth
    #account required
    #account required service=system-auth
    #password required service=system-auth
    #session required service=system-auth

    auth required
    auth include password-auth
    account required
    account include password-auth
    password include password-auth
    # close should be the first session rule
    session required close
    session required
    # open should only be followed by sessions to be executed in the user context
    session required open env_params
    session optional force revoke
    session include password-auth

  7. Pingback: Centos Latest Version |

Comments are closed.