OpenSSH security vulnerability in versions before 8.5: upgrading OpenSSH 7.4 to 9.0
A third-party scan reported that OpenSSH before 8.5 has a security vulnerability (CVE-2016-20012). Running ssh -V showed that the current ssh version is 7.4. According to several reports, ssh needs to be upgraded to version 9.0. I followed some methods found on the Internet but ran into difficult problems along the way. In particular, after installation sshd could not be started and reported the error "sshd.service start operation timed out. Terminating". The details are as follows:
Started Session 15 of user root.
sshd.service start operation timed out. Terminating
sshd[4900]: Received signal 15; terminating.
systemd: Failed to start OpenSSH server daemon.
systemd: Unit sshd.service entered failed state.
systemd: sshd.service failed.
systemd: sshd.service holdoff time over, scheduling restart.
systemd: Stopped OpenSSH server daemon.
systemd: Starting OpenSSH server daemon...
sshd[4988]: Server listening on 0.0.0.0 port 22.
sshd[4988]: Server listening on :: port 22.
After a lot of trial and error, the problem was finally solved. My server environment is CentOS 7.9. The list of OpenSSH versions can be downloaded from: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ The upgrade process is as follows.
# View the current version
ssh -V
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
# openssh must be uninstalled first, otherwise sshd cannot be started
yum -y remove openssh
# Download version 9.0 and install it
mkdir ~/openssh ; cd ~/openssh
wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz
tar -zxvf openssh-9.0p1.tar.gz
cd openssh-9.0p1
# This assumes your openssl and zlib are installed in these directories; if not, change the paths.
# Note: --without-hardening turns off the toolchain hardening flags that configure otherwise uses.
./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/openssl --with-zlib=/usr/local/zlib --with-md5-passwords --without-hardening
make && make install
ln -s /usr/local/openssh/sbin/sshd /sbin/sshd
ln -s /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen
service sshd restart
# Verify the upgrade
ssh -V
OpenSSH_9.0p1, OpenSSL 1.0.2n 7 Dec 2017
After upgrading SSH from 7.4 to 9.0, restarting sshd with service sshd restart may produce the following errors. Open the /etc/ssh/sshd_config configuration file and comment out the lines that are reported.
/etc/ssh/sshd_config line 79: Unsupported option GSSAPIAuthentication
/etc/ssh/sshd_config line 80: Unsupported option GSSAPICleanupCredentials
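The fix described above, as an added example that is not part of the original post: it reads "Unsupported option" messages in the format shown and prints the config with the reported lines commented out, leaving the original file untouched so the result can be reviewed first. The function names and the sample file contents are constructed for illustration; on a real host the messages could be captured with sshd -t -f /etc/ssh/sshd_config 2>errors.txt.

```shell
#!/bin/sh
# unsupported_lines ERRFILE: print the line numbers reported in messages of the
# form "<file> line N: Unsupported option <Name>", sorted, space separated.
unsupported_lines() {
    sed -n 's/^.* line \([0-9][0-9]*\): Unsupported option [A-Za-z0-9]*$/\1/p' "$1" |
        sort -un | tr '\n' ' '
}

# comment_unsupported CONFIG ERRFILE: print CONFIG with the reported lines
# commented out. Lines that are already comments are left unchanged, and
# CONFIG itself is not modified.
comment_unsupported() {
    awk -v list="$(unsupported_lines "$2")" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) bad[a[i]] = 1 }
        (NR in bad) && $0 !~ /^[ \t]*#/ { print "#" $0; next }
        { print }
    ' "$1"
}

# Constructed sample input: a shortened config and matching error messages
# (hypothetical contents, not taken from a real server).
demo_dir=$(mktemp -d)
cat > "$demo_dir/sshd_config" <<'EOF'
Port 22
PasswordAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
X11Forwarding yes
EOF
cat > "$demo_dir/errors.txt" <<'EOF'
/etc/ssh/sshd_config line 3: Unsupported option GSSAPIAuthentication
/etc/ssh/sshd_config line 4: Unsupported option GSSAPICleanupCredentials
EOF

# Write the result to a new file so it can be compared with the original
# before it replaces the live configuration.
comment_unsupported "$demo_dir/sshd_config" "$demo_dir/errors.txt" \
    > "$demo_dir/sshd_config.new"
cat "$demo_dir/sshd_config.new"
```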
You may also encounter an error reporting that a file cannot be found, as shown below. In that case, first run locate ssh-keygen to find the directory the file is in, then add the symbolic links for /usr/bin/ssh-keygen and /sbin/sshd. These are the ln -s commands already included in the upgrade steps above.
/etc/rc.d/init.d/sshd: line 41: /usr/bin/ssh-keygen: No such file or directory
Command to view the sshd log:
tail -f /var/log/messages