- merge key generation logic to one place; sync after new keys write
[packages/openssh.git] / opensshd.init
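#!/bin/sh
#
# sshd          sshd (secure shell daemon)
#
# chkconfig:    345 55 45
#
# description:  sshd (secure shell daemon) is a server part of the ssh suite. \
#               Ssh can be used for remote login, remote file copying, TCP port \
#               forwarding etc. Ssh offers strong encryption and authentication.

# Value adjust_oom() writes to /proc/<pid>/oom_adj of the running daemon;
# -17 is the oom_adj setting that exempts a process from the OOM killer.
# It is assigned before /etc/sysconfig/sshd is sourced, so that file can
# override it.
SSHD_OOM_ADJUST=-17

# Source function library
. /etc/rc.d/init.d/functions

# Get network config
. /etc/sysconfig/network

# Get service config.
# NOTE(review): the file is executed as shell code with the privileges of
# this script, so it should be writable by root only.
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd

# Check that networking is up.
if ! is_yes "${NETWORKING}"; then
	exit 0
fi

# stop, status and init must keep working while the network is down; every
# other action requires the network subsys lock. A case statement is used
# instead of a chain of "-a" tests, which is obsolescent and can be parsed
# ambiguously when "$1" looks like a test operator.
case "$1" in
stop|status|init)
	;;
*)
	if [ ! -f /var/lock/subsys/network ]; then
		msg_network_down "OpenSSH"
		exit 1
	fi
	;;
esac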
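# Write $SSHD_OOM_ADJUST to the oom_adj file of every PID listed in the
# sshd pid file, so the daemon is treated as configured by the OOM killer.
#
# Globals:   SSHD_OOM_ADJUST (read)
# Arguments: $1 - pid file to read (optional, default /var/run/sshd.pid)
# Returns:   always 0; a failed write is ignored (best effort)
#
# oom_adj is the legacy kernel interface; newer kernels also provide
# oom_score_adj.
adjust_oom() {
	# The subshell keeps "set -f" and the loop variable out of the caller.
	(
		pidfile=${1:-/var/run/sshd.pid}
		[ -e "$pidfile" ] || exit 0

		# Words read from the pid file must not be glob-expanded.
		set -f
		for pid in $(cat "$pidfile"); do
			# Only plain decimal PIDs may become part of a /proc path;
			# anything else (empty, "../x", "*") is skipped.
			case "$pid" in
			''|*[!0-9]*)
				continue
				;;
			esac
			[ -e "/proc/$pid/oom_adj" ] || continue
			# The braces make 2>/dev/null cover a failed open of the
			# /proc file as well as the write itself.
			{ echo "$SSHD_OOM_ADJUST" >"/proc/$pid/oom_adj"; } 2>/dev/null
		done
		exit 0
	)
}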
# Validate the sshd configuration with "sshd -t" (test mode).
# Terminates the whole script with status 1 when the check fails, so callers
# never go on to stop, start or signal the daemon with a broken configuration.
checkconfig() {
	if ! /usr/sbin/sshd -t; then
		exit 1
	fi
}
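# Create one host key with an empty passphrase unless a usable one exists.
#
# Arguments: $1 - key type passed to ssh-keygen -t
#            $2 - path of the private key file
# Returns:   0 if the key already existed or was created,
#            the ssh-keygen status if generation failed
_ssh_gen_key() {
	# An existing, non-empty regular file is kept as it is.
	if [ -f "$2" ] && [ -s "$2" ]; then
		return 0
	fi

	# A zero-length leftover (for example after a crash before the data
	# reached the disk) makes ssh-keygen ask for overwrite confirmation,
	# which nobody can answer at boot. Remove it so the key is regenerated.
	if [ -f "$2" ]; then
		rm -f -- "$2"
	fi

	# Do not chmod/relabel a file that was never written.
	/usr/bin/ssh-keygen -t "$1" -f "$2" -N '' >&2 || return

	# The key has no passphrase (sshd must read it unattended), so the file
	# mode is what protects the private key.
	chmod 600 "$2"
	if [ -x /sbin/restorecon ]; then
		/sbin/restorecon "$2"
	fi
	return 0
}

# Generate the missing SSH host keys under /etc/ssh and flush them to disk.
#
# Outputs: ssh-keygen messages, redirected to stderr
# Returns: status of the final sync check; callers in this script ignore it
#
# NOTE(review): rsa1 (SSH protocol 1) and dsa are legacy host key types that
# later OpenSSH releases stopped supporting. Keep this list in step with the
# key types the packaged sshd accepts; start() additionally requires
# /etc/ssh/ssh_host_key, the rsa1 key.
ssh_gen_keys() {
	# generate new keys with empty passwords if they do not exist
	_ssh_gen_key rsa1 /etc/ssh/ssh_host_key
	_ssh_gen_key rsa /etc/ssh/ssh_host_rsa_key
	_ssh_gen_key dsa /etc/ssh/ssh_host_dsa_key

	# commit files. so that sudden reboot here won't lose the data.
	[ -x /bin/sync ] && /bin/sync
}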
# Start sshd unless the subsys lock says it is already running.
#
# Missing host keys are generated first, then the configuration is checked
# (checkconfig ends the script on failure). The script also exits with
# status 1 when /etc/ssh/ssh_host_key is still missing or empty.
#
# Globals: RETVAL (written) - exit status of the daemon launch
start() {
	# Check if the service is already running?
	[ ! -f /var/lock/subsys/sshd ] || {
		msg_already_running "OpenSSH"
		return
	}

	ssh_gen_keys
	checkconfig

	# Without the host key written by ssh_gen_keys there is nothing to start.
	[ -s /etc/ssh/ssh_host_key ] || {
		msg_not_running "OpenSSH"
		nls "No SSH host key found! You must run \"%s init\" first." "$0"
		exit 1
	}

	msg_starting "OpenSSH"
	daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd
	RETVAL=$?
	# Runs regardless of RETVAL; adjust_oom does nothing without a pid file.
	adjust_oom
	# The lock file is created only after a successful launch.
	test "$RETVAL" -eq 0 && touch /var/lock/subsys/sshd
}
# Stop the sshd recorded in /var/run/sshd.pid, if the subsys lock exists.
# The lock file is removed afterwards whether or not the stop succeeded.
stop() {
	if [ ! -f /var/lock/subsys/sshd ]; then
		msg_not_running "OpenSSH"
		return
	fi

	msg_stopping "OpenSSH"
	# start-stop-daemon is used here because sshd is too critical a service
	# to be killed by process name, and rc-scripts offers no way to kill
	# *only* by pid file.
	start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
	rm -f /var/lock/subsys/sshd >/dev/null 2>&1
}
# Exit status of the script unless an action exits earlier on its own.
RETVAL=0

# See how we were called.
case "$1" in
start)
	start
	;;
stop)
	stop
	;;
restart)
	# The configuration is validated before the running daemon is stopped;
	# checkconfig exits on failure, so a broken sshd_config leaves the
	# current sshd up instead of cutting off remote access.
	checkconfig
	stop
	start
	;;
status)
	status sshd
	exit
	;;
init)
	# NOTE(review): the text below mentions a key password, but
	# ssh_gen_keys creates the keys with an empty passphrase (-N ''),
	# so no password is asked for.
	nls "Now the SSH host key will be generated. Please note, that if you"
	nls "will use password for the key, you will need to type it on each"
	nls "reboot."
	ssh_gen_keys
	;;
reload|force-reload)
	if [ ! -f /var/lock/subsys/sshd ]; then
		msg_not_running "OpenSSH"
		exit 7
	fi
	checkconfig
	msg_reloading "OpenSSH"
	# NOTE(review): killproc is given the process name here, while stop()
	# signals strictly by pid file. Confirm that killproc resolves sshd
	# through /var/run/sshd.pid so only the listening daemon gets HUP.
	killproc sshd -HUP
	RETVAL=$?
	;;
*)
	msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"
	exit 3
	;;
esac

exit "$RETVAL"