opensshd.init

   1 #!/bin/sh
   2 #
   3 # sshd          sshd (secure shell daemon)
   4 #
   5 # chkconfig:    345 55 45
   6 #
   7 # description:  sshd (secure shell daemon) is a server part of the ssh suite. \
   8 #               Ssh can be used for remote login, remote file copying, TCP port \
   9 #               forwarding etc. Ssh offers strong encryption and authentication.
  10
  11 SSHD_OOM_ADJUST=-17
  12
  13 # Source function library
  14 . /etc/rc.d/init.d/functions
  15
  16 # Get network config
  17 . /etc/sysconfig/network
  18
  19 # Get service config
  20 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
  21
  22 # Check that networking is up.
  23 if is_yes "${NETWORKING}"; then
  24         if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
  25                 msg_network_down OpenSSH
  26                 exit 1
  27         fi
  28 else
  29         exit 0
  30 fi
  31
  32 adjust_oom() {
  33         if [ -e /var/run/sshd.pid ]; then
  34                 for pid in $(cat /var/run/sshd.pid); do
  35                         echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj
  36                 done
  37         fi
  38 }
  39
  40 checkconfig() {
  41         /usr/sbin/sshd -t || exit 1
  42 }
  43
  44 start() {
  45         # generate new keys with empty passwords if they do not exist
  46         if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
  47                 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' 1>&2
  48                 chmod 600 /etc/ssh/ssh_host_key
  49                 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || :
  50         fi
  51         if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
  52                 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' 1>&2
  53                 chmod 600 /etc/ssh/ssh_host_rsa_key
  54                 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || :
  55         fi
  56         if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
  57                 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' 1>&2
  58                 chmod 600 /etc/ssh/ssh_host_dsa_key
  59                 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || :
  60         fi
  61
  62         checkconfig
  63
  64         if [ ! -f /etc/ssh/ssh_host_key ]; then
  65                 msg_not_running OpenSSH
  66                 nls "No SSH host key found! You must run \"%s init\" first." "$0"
  67                 exit 1
  68         fi
  69
  70         # Check if the service is already running?
  71         if [ ! -f /var/lock/subsys/sshd ]; then
  72                 msg_starting OpenSSH
  73                 daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd
  74                 RETVAL=$?
  75                 adjust_oom
  76                 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
  77         else
  78                 msg_already_running OpenSSH
  79         fi
  80 }
  81
  82 stop() {
  83         if [ -f /var/lock/subsys/sshd ]; then
  84                 msg_stopping OpenSSH
  85                 # we use start-stop-daemon to stop sshd, as it is unacceptable for such
  86                 # critical service as sshd to kill it by procname, but unfortunately
  87                 # rc-scripts does not provide way to kill *only* by pidfile
  88                 start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
  89                 rm -f /var/lock/subsys/sshd >/dev/null 2>&1
  90         else
  91                 msg_not_running OpenSSH
  92         fi
  93 }
  94
  95 RETVAL=0
  96 # See how we were called.
  97 case "$1" in
  98   start)
  99         start
 100         ;;
 101   stop)
 102         stop
 103         ;;
 104   restart)
 105         checkconfig
 106         stop
 107         start
 108         ;;
 109   status)
 110         status sshd
 111         exit $?
 112         ;;
 113   init)
 114         nls "Now the SSH host key will be generated. Please note, that if you"
 115         nls "will use password for the key, you will need to type it on each"
 116         nls "reboot."
 117         /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key
 118         [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || :
 119         chmod 600 /etc/ssh/ssh_host_key
 120         /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
 121         [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || :
 122         chmod 600 /etc/ssh/ssh_host_rsa_key
 123         /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
 124         chmod 600 /etc/ssh/ssh_host_dsa_key
 125         [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || :
 126         exit $?
 127         ;;
 128   reload|force-reload)
 129         if [ -f /var/lock/subsys/sshd ]; then
 130                 checkconfig
 131                 msg_reloading OpenSSH
 132                 killproc sshd -HUP
 133                 RETVAL=$?
 134         else
 135                 msg_not_running OpenSSH
 136                 exit 7
 137         fi
 138         ;;
 139   *)
 140         msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"
 141         exit 3
 142 esac
 143
 144 exit $RETVAL