[packages/openssh.git] / opensshd.init

#!/bin/sh
#
# sshd		sshd (secure shell daemon)
#
# chkconfig:	345 55 45
#
# description:	sshd (secure shell daemon) is a server part of the ssh suite. \
#		Ssh can be used for remote login, remote file copying, TCP port \
#		forwarding etc. Ssh offers strong encryption and authentication.


# Source function library
. /etc/rc.d/init.d/functions

# Get network config
. /etc/sysconfig/network

# Get service config
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd

# Check that networking is up.
if is_yes "${NETWORKING}"; then
	if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
		msg_network_down OpenSSH
		exit 1
	fi
else
	exit 0
fi

checkconfig() {
	/usr/sbin/sshd -t || exit 1
}

start() {
	# generate new keys with empty passwords if they do not exist
	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
		/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' 1>&2
		chmod 600 /etc/ssh/ssh_host_key
		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || :
	fi
	if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
		/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' 1>&2
		chmod 600 /etc/ssh/ssh_host_rsa_key
		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || :
	fi
	if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
		/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' 1>&2
		chmod 600 /etc/ssh/ssh_host_dsa_key
		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || :
	fi

	checkconfig

	if [ ! -f /etc/ssh/ssh_host_key ]; then
		msg_not_running OpenSSH
		nls "No SSH host key found! You must run \"%s init\" first." "$0"
		exit 1
	fi

	# Check if the service is already running?
	if [ ! -f /var/lock/subsys/sshd ]; then
		msg_starting OpenSSH
		daemon /usr/sbin/sshd
		RETVAL=$?
		[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
	else
		msg_already_running OpenSSH
	fi
}

stop() {
	if [ -f /var/lock/subsys/sshd ]; then
		msg_stopping OpenSSH
		# we use start-stop-daemon to stop sshd, as it is unacceptable for such
		# critical service as sshd to kill it by procname, but unfortunately
		# rc-scripts does not provide way to kill *only* by pidfile
		start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
		rm -f /var/lock/subsys/sshd >/dev/null 2>&1
	else
		msg_not_running OpenSSH
	fi
}

RETVAL=0
# See how we were called.
case "$1" in
  start)
  	start
	;;
  stop)
  	stop
	;;
  restart)
	checkconfig
	stop
	start
	;;
  status)
	status sshd
	exit $?
	;;
  init)
	nls "Now the SSH host key will be generated. Please note, that if you"
	nls "will use password for the key, you will need to type it on each"
	nls "reboot."
	/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key
	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || :
	chmod 600 /etc/ssh/ssh_host_key
	/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || :
	chmod 600 /etc/ssh/ssh_host_rsa_key
	/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
	chmod 600 /etc/ssh/ssh_host_dsa_key
	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || :
	exit $?
	;;
  reload|force-reload)
	if [ -f /var/lock/subsys/sshd ]; then
		checkconfig
		msg_reloading OpenSSH
		killproc sshd -HUP
		RETVAL=$?
	else
		msg_not_running OpenSSH
		exit 7
	fi
	;;
  *)
	msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"
	exit 3
esac

exit $RETVAL
Commit	Line	Data
	1	#!/bin/sh
	2	#
	3	# sshd sshd (secure shell daemon)
	4	#
	5	# chkconfig: 345 55 45
	6	#
	7	# description: sshd (secure shell daemon) is a server part of the ssh suite. \
	8	# Ssh can be used for remote login, remote file copying, TCP port \
	9	# forwarding etc. Ssh offers strong encryption and authentication.
	10
	11
	12	# Source function library
	13	. /etc/rc.d/init.d/functions
	14
	15	# Get network config
	16	. /etc/sysconfig/network
	17
	18	# Get service config
	19	[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
	20
	21	# Check that networking is up.
	22	if is_yes "${NETWORKING}"; then
	23	if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
	24	msg_network_down OpenSSH
	25	exit 1
	26	fi
	27	else
	28	exit 0
	29	fi
	30
	31	checkconfig() {
	32	/usr/sbin/sshd -t \|\| exit 1
	33	}
	34
	35	start() {
	36	# generate new keys with empty passwords if they do not exist
	37	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
	38	/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' 1>&2
	39	chmod 600 /etc/ssh/ssh_host_key
	40	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key \|\| :
	41	fi
	42	if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
	43	/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' 1>&2
	44	chmod 600 /etc/ssh/ssh_host_rsa_key
	45	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key \|\| :
	46	fi
	47	if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
	48	/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' 1>&2
	49	chmod 600 /etc/ssh/ssh_host_dsa_key
	50	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key \|\| :
	51	fi
	52
	53	checkconfig
	54
	55	if [ ! -f /etc/ssh/ssh_host_key ]; then
	56	msg_not_running OpenSSH
	57	nls "No SSH host key found! You must run \"%s init\" first." "$0"
	58	exit 1
	59	fi
	60
	61	# Check if the service is already running?
	62	if [ ! -f /var/lock/subsys/sshd ]; then
	63	msg_starting OpenSSH
	64	daemon /usr/sbin/sshd
	65	RETVAL=$?
	66	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
	67	else
	68	msg_already_running OpenSSH
	69	fi
	70	}
	71
	72	stop() {
	73	if [ -f /var/lock/subsys/sshd ]; then
	74	msg_stopping OpenSSH
	75	# we use start-stop-daemon to stop sshd, as it is unacceptable for such
	76	# critical service as sshd to kill it by procname, but unfortunately
	77	# rc-scripts does not provide way to kill only by pidfile
	78	start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok \|\| fail
	79	rm -f /var/lock/subsys/sshd >/dev/null 2>&1
	80	else
	81	msg_not_running OpenSSH
	82	fi
	83	}
	84
	85	RETVAL=0
	86	# See how we were called.
	87	case "$1" in
	88	start)
	89	start
	90	;;
	91	stop)
	92	stop
	93	;;
	94	restart)
	95	checkconfig
	96	stop
	97	start
	98	;;
	99	status)
	100	status sshd
	101	exit $?
	102	;;
	103	init)
	104	nls "Now the SSH host key will be generated. Please note, that if you"
	105	nls "will use password for the key, you will need to type it on each"
	106	nls "reboot."
	107	/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key
	108	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key \|\| :
	109	chmod 600 /etc/ssh/ssh_host_key
	110	/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
	111	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key \|\| :
	112	chmod 600 /etc/ssh/ssh_host_rsa_key
	113	/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
	114	chmod 600 /etc/ssh/ssh_host_dsa_key
	115	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key \|\| :
	116	exit $?
	117	;;
	118	reload\|force-reload)
	119	if [ -f /var/lock/subsys/sshd ]; then
	120	checkconfig
	121	msg_reloading OpenSSH
	122	killproc sshd -HUP
	123	RETVAL=$?
	124	else
	125	msg_not_running OpenSSH
	126	exit 7
	127	fi
	128	;;
	129	*)
	130	msg_usage "$0 {start\|stop\|init\|restart\|reload\|force-reload\|status}"
	131	exit 3
	132	esac
	133
	134	exit $RETVAL