3 # sshd sshd (secure shell daemon)
7 # description: sshd (secure shell daemon) is the server part of the ssh suite. \
8 # Ssh can be used for remote login, remote file copying, TCP port \
9 # forwarding etc. Ssh offers strong encryption and authentication.
11 # Source function library
12 . /etc/rc.d/init.d/functions
# Network settings; presumably this is where NETWORKING, IPV4_NETWORKING and
# IPV6_NETWORKING (tested further down) are defined -- verify.
15 . /etc/sysconfig/network
# Optional per-service settings, sourced only when the file exists.
# NOTE(review): each file sourced here is executed as shell code with the
# privileges of this script, so all three must be writable by root only.
20 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
22 # Check that networking is up.
23 if is_yes "${NETWORKING}"; then
# A missing network lock file is reported only for actions other than
# stop, status and init, which are allowed to run without the network.
# NOTE(review): "-a" inside [ ] is marked obsolescent by POSIX; separate tests
# joined with && are unambiguous.
24 if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
25 msg_network_down "OpenSSH"
# Write $SSHD_OOM_ADJUST to the oom_score_adj entry of every PID listed in the
# pid file, if the pid file exists.
33 if [ -e /var/run/sshd.pid ]; then
34 for pid in $(cat /var/run/sshd.pid); do
# stderr is redirected first, presumably so that a failure to open the /proc
# entry (for example a stale PID) stays quiet.
# NOTE(review): the pid file's contents are word-split and used unquoted in the
# /proc path; this relies on /var/run/sshd.pid being writable by root only and
# holding nothing but PIDs.
35 echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_score_adj
# Run sshd in test mode (-t), which checks the configuration and host keys
# without starting the daemon; exit with status 1 if it reports a problem.
41 /usr/sbin/sshd -t || exit 1
45 # generate new keys with empty passwords if they do not exist
# Each stanza below creates one host key type when its private key file is
# missing or empty (-f / -s tests), sets the file to mode 600 and, where
# /sbin/restorecon is executable, runs it to reset the file's SELinux context.
# The empty passphrase (-N '') leaves the private keys unencrypted on disk, so
# file ownership and mode are their only protection.
# No key size (-b) is passed, so ssh-keygen's default for each type applies.
#
# NOTE(review): "rsa1" is the SSH protocol 1 key type; protocol 1 is obsolete
# and recent OpenSSH releases no longer support it -- confirm this stanza still
# works with the packaged ssh-keygen.
46 if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
47 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
48 chmod 600 /etc/ssh/ssh_host_key
49 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
# Protocol 2 RSA host key.
51 if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
52 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
53 chmod 600 /etc/ssh/ssh_host_rsa_key
54 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
# NOTE(review): DSA host keys are deprecated and disabled by default in newer
# OpenSSH releases -- confirm this key type is still wanted.
56 if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
57 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
58 chmod 600 /etc/ssh/ssh_host_dsa_key
59 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
# ECDSA host key.
61 if [ ! -f /etc/ssh/ssh_host_ecdsa_key -o ! -s /etc/ssh/ssh_host_ecdsa_key ]; then
62 /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' >&2
63 chmod 600 /etc/ssh/ssh_host_ecdsa_key
64 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_ecdsa_key
# NOTE(review): no ed25519 host key is generated in the lines visible here.
69 # Check if the service is already running?
# The lock file under /var/lock/subsys is the "already running" marker.
70 if [ -f /var/lock/subsys/sshd ]; then
71 msg_already_running "OpenSSH"
# Refuse to start when /etc/ssh/ssh_host_key is missing or empty.
# NOTE(review): only this one file is tested, and it is the key this script
# generates with "-t rsa1". If the installed OpenSSH cannot create rsa1 keys
# the test would never pass; the protocol 2 host keys are not checked at all.
78 if [ ! -s /etc/ssh/ssh_host_key ]; then
79 msg_not_running "OpenSSH"
80 nls "No SSH host key found! You must run \"%s init\" first." "$0"
# Address-family handling (IPv4 only / IPv6 only); the bodies of these two
# tests are not part of this listing.
84 if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
87 if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
91 msg_starting "OpenSSH"
# $OPTIONS is left unquoted so that it splits into separate sshd arguments;
# presumably it is set in /etc/sysconfig/sshd -- verify.
92 daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
# Create the lock file only when RETVAL is 0 (RETVAL is assigned outside the
# lines shown here).
95 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
# Report "not running" when the lock file is absent.
99 if [ ! -f /var/lock/subsys/sshd ]; then
100 msg_not_running "OpenSSH"
104 msg_stopping "OpenSSH"
105 # we use start-stop-daemon to stop sshd, as it is unacceptable for such
106 # critical service as sshd to kill it by procname, but unfortunately
107 # rc-scripts does not provide way to kill *only* by pidfile
# NOTE(review): in "cmd && ok || fail", fail also runs when ok itself returns
# non-zero; an if/else states the intent exactly.
108 start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
# The lock file is removed whether or not the stop succeeded.
# NOTE(review): after a failed stop sshd may still be running while the
# lock-file tests used by start, stop and reload treat it as stopped.
109 rm -f /var/lock/subsys/sshd >/dev/null 2>&1
# Report "not running" when the lock file is absent; otherwise announce the
# reload. The command that performs the reload is not part of this listing.
113 if [ ! -f /var/lock/subsys/sshd ]; then
114 msg_not_running "OpenSSH"
120 msg_reloading "OpenSSH"
# Presumably hands the requested action to upstart unless it is init or
# configtest; the helper is defined outside this file -- verify.
125 upstart_controlled --except init configtest
128 # See how we were called.
# Messages printed before host key generation; the rest of this action is not
# part of this listing.
148 nls "Now the SSH host key will be generated. Please note, that if you"
149 nls "will use password for the key, you will need to type it on each"
# Usage message listing the supported actions (presumably the default case
# arm).
158 msg_usage "$0 {start|stop|restart|reload|force-reload|configtest|init|status}"