# Check that networking is up.
if is_no "${NETWORKING}"; then
- msg_Network_Down OpenSSH
+ msg_network_down OpenSSH
exit 1
fi
# See how we were called.
case "$1" in
start)
+ # generate new keys with empty passwords if they do not exist
+ if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
+ /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' 1>&2
+ chmod 600 /etc/ssh/ssh_host_key
+ fi
+ if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
+ /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' 1>&2
+ chmod 600 /etc/ssh/ssh_host_rsa_key
+ fi
+ if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
+ /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' 1>&2
+ chmod 600 /etc/ssh/ssh_host_dsa_key
+ fi
+
+ if [ ! -f /etc/ssh/ssh_host_key ]; then
+ msg_not_running OpenSSH
+ nls "No SSH host key found! You must run \"$0 init\" first."
+ exit 1
+ fi
+
# Check if the service is already running?
if [ ! -f /var/lock/subsys/sshd ]; then
msg_starting OpenSSH
- daemon sshd -h /etc/ssh/ssh_host_key
+ ULIMIT_C="-S -c 0"
+ daemon /usr/sbin/sshd
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
else
- msg_Already_Running OpenSSH
+ msg_already_running OpenSSH
fi
;;
stop)
killproc sshd
rm -f /var/run/sshd.pid /var/lock/subsys/sshd >/dev/null 2>&1
else
- msg_Not_Running OpenSSH
+ msg_not_running OpenSSH
exit 1
fi
;;
status sshd
exit $?
;;
+ init)
+ echo "Now the SSH host key will be generated. Please note, that if you"
+ echo "will use password for the key, you will need to type it on each"
+ echo "reboot."
+ /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key
+ chmod 600 /etc/ssh/ssh_host_key
+ /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
+ chmod 600 /etc/ssh/ssh_host_rsa_key
+ /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
+ chmod 600 /etc/ssh/ssh_host_dsa_key
+ exit $?
+ ;;
+ reload)
+ msg_reloading OpenSSH
+ killproc sshd -HUP
+ ;;
*)
- msg_Usage "$0 {start|stop|status|restart}"
+ msg_usage "$0 {start|stop|init|status|restart|reload}"
exit 1
esac