How to upgrade OpenSSH on CentOS 5


If want your server to pass the PCI DSS scan then you will need the latest version OpenSSH. But the CentOS 5 repos doesn’t contain the latest version of OpenSSH. So will have to create your own rpm and install it.

First of all install the rpmbuild tools

yum install rpm-build gcc make

Then download the latest version from

tar zxvf openssh-6.5p1.tar.gz

Copy the files to specific folders. Create the folders if they don’t exist.

cp ./openssh-6.5p1/contrib/redhat/openssh.spec /usr/src/redhat/SPECS/
cp openssh-5.8p1.tar.gz /usr/src/redhat/SOURCES/

Now disable the x11-askpas and gnome-askpass as we don’t require it. Edit /usr/src/redhat/SPECS/openssh.spec and set below values

# Do we want to disable building of x11-askpass? (1=yes 0=no)
%define no_x11_askpass 1

# Do we want to disable building of gnome-askpass? (1=yes 0=no)
%define no_gnome_askpass 1

Now build the rpm

cd /usr/src/redhat/SPECS
rpmbuild -bb openssh.spec

Above commands will create the rpm in /usr/src/redhat/RPMS/ folder. Go ahead and install them

cd /usr/src/redhat/RPMS/x86_64/
rpm -Uvh *.rpm

And it’s done. You can check the SSH version using command “ssh -V”

Show 14 Comments


  1. sachin


    I am following steps mentioned to upgrade openssh.
    But one of the step is following.
    cp openssh-5.8p1.tar.gz /usr/src/redhat/SOURCES/

    my question is how did we get openssh-5.8p1.tar.gz ?


  2. Basil

    Hi, could you help me, after rebuilding I have got next files:
    ls -l

    But when I want to install this rpm, I get an error:

    # rpm -Uvh *.rpm
    error: Failed dependencies:
    openssh = 5.3p1-81.el6 is needed by (installed) openssh-askpass-5.3p1-81.el6.x86_64

    • You should also download the latest version of openssh-askpass and update it too.

  3. excellent information,
    we update my ssh version on centOS Server.
    Thanks for your kindly efforts!!!

  4. Sanjay Singh

    After a successful OpenSSH 6.6P1 upgrade, i am not able to ssh to the system . Its giving me Permission denied error. Any Idea why this happening.
    Got really frustrated with this issue. Even for root, this permission denied error is coming. I have googled at lot but couldnt find a solution still. Please help.

    Thanks in advance.

    • I can’t say anything for sure. Login to console and check the /var/log/secure and /var/log/messages for the exact reason.

    • I encountered exactly the same issue. After upgrading to ssh6.5p1 on a RHEL 6.5, I was no longer to be able to login, even with root. Is there a quick work-around or some tricks to have it resolved?


    • I figured it out.

      After updating sshd, the /etc/pam.d/sshd file got messed up. After changing the settings, it is working now.

  5. Goodness Okpani

    CER TXG: Please i want to know what settings exactly that you changed that made it to start working becuase i am having same problem here

  6. I had issues logging in after upgrade, but replacing contents in /etc/pam.d/sshd


    #auth required service=system-auth
    #account required
    #account required service=system-auth
    #password required service=system-auth
    #session required service=system-auth

    auth required
    auth include password-auth
    account required
    account include password-auth
    password include password-auth
    # close should be the first session rule
    session required close
    session required
    # open should only be followed by sessions to be executed in the user context
    session required open env_params
    session optional force revoke
    session include password-auth

  7. Catalin Vasilescu

    Confirmed !!!

    The post above works 100% !

Comments are closed