3 # sshd sshd (secure shell daemon)
7 # description: sshd (secure shell daemon) is the server part of the SSH suite. \
8 # SSH can be used for remote login, remote file copying, TCP port \
9 # forwarding, etc. SSH offers strong encryption and authentication.
11 # Source function library
12 . /etc/rc.d/init.d/functions
# NOTE(review): upstart_controlled is presumably provided by the functions
# library sourced above; "init" and "configtest" are the actions excepted here.
14 upstart_controlled --except init configtest
# Network settings. Presumably defines NETWORKING, IPV4_NETWORKING and
# IPV6_NETWORKING, which are tested further down - confirm.
17 . /etc/sysconfig/network
# Optional service settings, sourced only when the file exists (presumably where
# OPTIONS and SSHD_OOM_ADJUST are set - confirm). Both sysconfig files are
# executed as shell code with this script's privileges, so they should be
# owned by root and writable by root only.
22 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
24 # Check that networking is up.
25 if is_yes "${NETWORKING}"; then
26 if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
27 msg_network_down "OpenSSH"
35 if [ -e /var/run/sshd.pid ]; then
36 for pid in $(cat /var/run/sshd.pid); do
37 echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_score_adj
43 /usr/sbin/sshd -t || exit 1
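47 # Generate new host keys, without a passphrase, for each key file that is
# missing or empty. NOTE(review): the rsa1 (SSH protocol 1) and dsa key types
# are obsolete; protocol 1 support has been removed from current OpenSSH and
# DSA is deprecated, so ssh-keygen may refuse them on newer systems. The later
# "No SSH host key found" check tests only /etc/ssh/ssh_host_key (the rsa1 key).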
48 if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
49 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
50 chmod 600 /etc/ssh/ssh_host_key
51 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
53 if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
54 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
55 chmod 600 /etc/ssh/ssh_host_rsa_key
56 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
58 if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
59 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
60 chmod 600 /etc/ssh/ssh_host_dsa_key
61 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
63 if [ ! -f /etc/ssh/ssh_host_ecdsa_key -o ! -s /etc/ssh/ssh_host_ecdsa_key ]; then
64 /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' >&2
65 chmod 600 /etc/ssh/ssh_host_ecdsa_key
66 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_ecdsa_key
71 # Check if the service is already running?
72 if [ -f /var/lock/subsys/sshd ]; then
73 msg_already_running "OpenSSH"
80 if [ ! -s /etc/ssh/ssh_host_key ]; then
81 msg_not_running "OpenSSH"
82 nls "No SSH host key found! You must run \"%s init\" first." "$0"
86 if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
89 if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
93 msg_starting "OpenSSH"
94 daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
97 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
101 if [ ! -f /var/lock/subsys/sshd ]; then
102 msg_not_running "OpenSSH"
106 msg_stopping "OpenSSH"
107 # We use start-stop-daemon to stop sshd: killing such a critical service by
108 # process name is unacceptable (it would also kill the per-connection sshd
109 # processes serving live sessions), and rc-scripts provides no way to kill *only* by pidfile.
110 start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
111 rm -f /var/lock/subsys/sshd >/dev/null 2>&1
115 if [ ! -f /var/lock/subsys/sshd ]; then
116 msg_not_running "OpenSSH"
123 msg_reloading "OpenSSH"
129 if [ ! -f /var/lock/subsys/sshd ]; then
130 msg_not_running "OpenSSH"
141 # See how we were called.
164 nls "Now the SSH host key will be generated. Please note, that if you"
165 nls "will use password for the key, you will need to type it on each"
174 msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|configtest|init|status}"