]> git.pld-linux.org Git - packages/openssh.git/blame - opensshd.init
- rel 2; generate ed25519 server key
#!/bin/sh
#
# sshd sshd (secure shell daemon)
#
# chkconfig: 345 22 88
#
# description: sshd (secure shell daemon) is a server part of the ssh suite. \
# Ssh can be used for remote login, remote file copying, TCP port \
# forwarding etc. Ssh offers strong encryption and authentication.

# Pull in the rc-scripts helper library
. /etc/rc.d/init.d/functions

upstart_controlled --except init configtest

# Global network settings (NETWORKING etc.)
. /etc/sysconfig/network

# Defaults. They are assigned before /etc/sysconfig/sshd is read, so that
# file can override either of them.
# -1000 is the lowest oom_score_adj the kernel accepts: the process is never
# picked by the OOM killer, which keeps remote access alive under memory
# pressure.
SSHD_OOM_ADJUST=-1000
PIDFILE=/var/run/sshd.pid

# Per-service settings.
# NOTE(review): this file is executed as shell code with the privileges of
# the init script, so it should be writable by root only.
if [ -f /etc/sysconfig/sshd ]; then
	. /etc/sysconfig/sshd
fi

# Networking disabled altogether: nothing to do, and that is not an error.
if ! is_yes "${NETWORKING}"; then
	exit 0
fi

# Networking is configured but not up yet. Only the actions that do not need
# the network (stop, status, init) may go on.
if [ ! -f /var/lock/subsys/network ]; then
	case "$1" in
	stop|status|init)
		;;
	*)
		msg_network_down "OpenSSH"
		exit 1
		;;
	esac
fi
a1c37c17 34
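# Write $SSHD_OOM_ADJUST into oom_score_adj of every process listed in
# $PIDFILE.
# Globals:   PIDFILE (read), SSHD_OOM_ADJUST (read)
# Arguments: none
# Entries of the pidfile that are not plain decimal numbers are skipped, so
# the pidfile content can never steer the write outside /proc/<pid>/.
adjust_oom() {
	if [ -e "$PIDFILE" ]; then
		for pid in $(cat "$PIDFILE"); do
			case "$pid" in
			''|*[!0-9]*)
				# not a PID: ignore rather than build a path from it
				continue
				;;
			esac
			# 2>/dev/null comes first so that a failure to open the
			# proc file (process already gone) stays silent
			echo "$SSHD_OOM_ADJUST" 2>/dev/null > "/proc/$pid/oom_score_adj"
		done
	fi
}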
42
# Validate the sshd setup; terminates the whole init script with status 1
# when sshd rejects it.
checkconfig() {
	# create any missing host key first, so the test below sees them
	ssh_gen_keys
	# -t is sshd's test mode: configuration and keys are checked, no daemon
	# is started
	if ! /usr/sbin/sshd -t; then
		exit 1
	fi
}
47
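# Create one host key unless a non-empty regular file is already in place.
# Arguments: $1 - key type handed to ssh-keygen -t
#            $2 - path of the private key file
# Returns:   0 if the key exists or was created, 1 if ssh-keygen failed
_ssh_gen_key() {
	if [ -f "$2" ] && [ -s "$2" ]; then
		return 0
	fi
	# empty passphrase: sshd has to load the key without anybody typing it.
	# If generation fails there is no file to chmod or relabel, so stop here.
	/usr/bin/ssh-keygen -t "$1" -f "$2" -N '' >&2 || return 1
	chmod 600 "$2"
	# restore the SELinux label where the tool is installed
	if [ -x /sbin/restorecon ]; then
		/sbin/restorecon "$2"
	fi
	return 0
}

# Generate every missing (or empty) host key under /etc/ssh.
# Existing non-empty keys are never touched. A failure for one key type does
# not prevent the remaining types from being generated.
ssh_gen_keys() {
	# NOTE(review): rsa1 (SSH protocol 1) and dsa are legacy key types.
	# rsa1 is kept because start() in this script still refuses to run
	# without /etc/ssh/ssh_host_key; consider retiring both once that check
	# and sshd_config no longer reference them.
	_ssh_gen_key rsa1 /etc/ssh/ssh_host_key
	_ssh_gen_key rsa /etc/ssh/ssh_host_rsa_key
	_ssh_gen_key dsa /etc/ssh/ssh_host_dsa_key
	_ssh_gen_key ecdsa /etc/ssh/ssh_host_ecdsa_key
	_ssh_gen_key ed25519 /etc/ssh/ssh_host_ed25519_key
}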
76
# Start sshd unless the subsys lock says it is already running.
# Globals: OPTIONS (appended to), PIDFILE (read), RETVAL (written),
#          IPV4_NETWORKING / IPV6_NETWORKING (read)
start() {
	# The lock file is created below after a successful start.
	if [ -f /var/lock/subsys/sshd ]; then
		msg_already_running "OpenSSH"
		return
	fi

	# generates missing host keys and exits the script if sshd -t fails
	checkconfig

	# still no (non-empty) host key after key generation: give up
	if [ ! -s /etc/ssh/ssh_host_key ]; then
		msg_not_running "OpenSSH"
		nls "No SSH host key found! You must run \"%s init\" first." "$0"
		exit 1
	fi

	# Restrict sshd to one address family when only one is enabled.
	if is_yes "$IPV4_NETWORKING"; then
		if is_no "$IPV6_NETWORKING"; then
			OPTIONS="$OPTIONS -4"
		fi
	fi
	if is_yes "$IPV6_NETWORKING"; then
		if is_no "$IPV4_NETWORKING"; then
			OPTIONS="$OPTIONS -6"
		fi
	fi

	msg_starting "OpenSSH"
	# $OPTIONS is left unquoted on purpose: it carries several arguments
	daemon --pidfile $PIDFILE /usr/sbin/sshd $OPTIONS
	RETVAL=$?
	# shield the freshly started daemon from the OOM killer
	adjust_oom
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
}
105
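# Stop the sshd recorded in $PIDFILE and drop the subsys lock.
# Globals: PIDFILE (read)
stop() {
	if [ ! -f /var/lock/subsys/sshd ]; then
		msg_not_running "OpenSSH"
		return
	fi

	msg_stopping "OpenSSH"
	# we use start-stop-daemon to stop sshd, as it is unacceptable for such
	# critical service as sshd to kill it by procname, but unfortunately
	# rc-scripts does not provide way to kill *only* by pidfile
	#
	# if/else instead of "&& ok || fail": with the chained form a failing
	# "ok" would report "fail" as well.
	if start-stop-daemon --stop --quiet --pidfile "$PIDFILE"; then
		ok
	else
		fail
	fi
	rm -f /var/lock/subsys/sshd >/dev/null 2>&1
}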
119
# Ask a running sshd to re-read its configuration.
# Globals: RETVAL (written) - 7 when the service is not running, otherwise
#          the status of killproc
reload() {
	if [ -f /var/lock/subsys/sshd ]; then
		# refuse to signal the daemon with a configuration sshd -t rejects
		checkconfig
		msg_reloading "OpenSSH"
		# NOTE(review): the signal is addressed by process name here, while
		# stop() deliberately goes by pidfile only - confirm that hitting
		# every process named sshd is intended.
		killproc sshd -HUP
		RETVAL=$?
	else
		msg_not_running "OpenSSH"
		RETVAL=7
	fi
}
132
8e8276e5
ER
# Restart sshd only if it is currently running.
# Arguments: $1 - value stored in RETVAL when the service is not running
# Globals:   RETVAL (written)
condrestart() {
	if [ -f /var/lock/subsys/sshd ]; then
		# validate first: a broken config must not take the daemon down
		checkconfig
		stop
		start
	else
		msg_not_running "OpenSSH"
		RETVAL=$1
	fi
}
144
b10eed65
ER
RETVAL=0
# Dispatch on the action given as first argument.
case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  restart)
	# check the configuration before stopping, so that a broken config
	# never leaves the host without a running sshd
	checkconfig
	stop
	start
	;;
  try-restart)
	condrestart 0
	;;
  reload|force-reload)
	reload
	;;
  configtest)
	checkconfig
	;;
  init)
	# NOTE(review): the text below talks about a key password, but
	# ssh_gen_keys always calls ssh-keygen with -N '' (empty passphrase).
	nls "Now the SSH host key will be generated. Please note, that if you"
	nls "will use password for the key, you will need to type it on each"
	nls "reboot."
	ssh_gen_keys
	;;
  status)
	status --pidfile $PIDFILE sshd
	RETVAL=$?
	;;
  *)
	msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|configtest|init|status}"
	RETVAL=3
	;;
esac

exit $RETVAL