3 # sshd sshd (secure shell daemon)
7 # description: sshd (secure shell daemon) is a server part of the ssh suite. \
8 # Ssh can be used for remote login, remote file copying, TCP port \
9 # forwarding etc. Ssh offers strong encryption and authentication.
13 # Source function library
14 . /etc/rc.d/init.d/functions
17 . /etc/sysconfig/network
20 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
22 # Check that networking is up.
23 if is_yes "${NETWORKING}"; then
24 if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
25 msg_network_down "OpenSSH"
33 if [ -e /var/run/sshd.pid ]; then
34 for pid in $(cat /var/run/sshd.pid); do
35 if [ -e /proc/$pid/oom_score_adj ]; then
36 echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_score_adj
38 echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj
45 /usr/sbin/sshd -t || exit 1
49 # generate new keys with empty passwords if they do not exist
50 if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
51 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
52 chmod 600 /etc/ssh/ssh_host_key
53 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
55 if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
56 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
57 chmod 600 /etc/ssh/ssh_host_rsa_key
58 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
60 if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
61 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
62 chmod 600 /etc/ssh/ssh_host_dsa_key
63 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
65 if [ ! -f /etc/ssh/ssh_host_ecdsa_key -o ! -s /etc/ssh/ssh_host_ecdsa_key ]; then
66 /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' >&2
67 chmod 600 /etc/ssh/ssh_host_ecdsa_key
68 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_ecdsa_key
73 # Check if the service is already running?
74 if [ -f /var/lock/subsys/sshd ]; then
75 msg_already_running "OpenSSH"
83 if [ ! -s /etc/ssh/ssh_host_key ]; then
84 msg_not_running "OpenSSH"
85 nls "No SSH host key found! You must run \"%s init\" first." "$0"
89 if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
92 if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
96 msg_starting "OpenSSH"
97 daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
100 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
104 if [ -f /var/lock/subsys/sshd ]; then
105 msg_stopping "OpenSSH"
106 # we use start-stop-daemon to stop sshd, as it is unacceptable for such
107 # critical service as sshd to kill it by procname, but unfortunately
108 # rc-scripts does not provide way to kill *only* by pidfile
109 start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
110 rm -f /var/lock/subsys/sshd >/dev/null 2>&1
112 msg_not_running "OpenSSH"
116 upstart_controlled --except init configtest
119 # See how we were called.
137 nls "Now the SSH host key will be generated. Please note, that if you"
138 nls "will use password for the key, you will need to type it on each"
146 if [ -f /var/lock/subsys/sshd ]; then
148 msg_reloading "OpenSSH"
152 msg_not_running "OpenSSH"
157 msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"