3 # sshd sshd (secure shell daemon)
7 # description: sshd (secure shell daemon) is a server part of the ssh suite. \
8 # Ssh can be used for remote login, remote file copying, TCP port \
9 # forwarding etc. Ssh offers strong encryption and authentication.
# Load the rc-scripts helper library, then the network and optional sshd
# settings. Each file sourced with "." is executed as shell code with this
# script's privileges, so all three should be writable by root only.
12 # Source function library
13 . /etc/rc.d/init.d/functions
# Network settings; presumably where NETWORKING (tested below) is set.
16 . /etc/sysconfig/network
# Optional per-service settings; skipped when the file does not exist.
19 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
21 # Check that networking is up.
# The check applies only when NETWORKING is enabled (is_yes is not defined in
# this listing; presumably it comes from the sourced function library).
22 if is_yes "${NETWORKING}"; then
# Report "network down" when the network lock file is missing, unless the
# requested action ($1) is stop, status or init.
# NOTE(review): -a inside [ ] is obsolescent in POSIX and can be ambiguous;
# separate [ ] tests joined with && are the safer form.
23 if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
24 msg_network_down OpenSSH
# NOTE(review): the remainder of this branch is not shown in this listing.
# Run sshd in test mode (-t): it checks the configuration file and the host
# keys without starting the daemon. Exit with status 1 when that check fails.
# NOTE(review): the enclosing function or branch is not shown in this listing.
32 /usr/sbin/sshd -t || exit 1
36 # See how we were called.
39 # Generate new host keys with empty passphrases (-N '') if they do not exist.
# The same three steps are repeated per key type: generate the key when the
# private key file is missing or zero-length, force its mode to 600, then
# restore its SELinux label when /sbin/restorecon is installed ("|| :" keeps
# that line's exit status at 0). ssh-keygen's stdout is redirected to stderr.
# No -b option is given, so the key size is whatever the installed ssh-keygen
# defaults to.
# NOTE(review): -o inside [ ] is obsolescent, and "! -s" alone already covers
# the missing-file case.
# NOTE(review): ssh-keygen normally asks before overwriting an existing file;
# confirm the zero-length case stays non-interactive.
#
# SSH protocol 1 host key.
# NOTE(review): protocol 1 is obsolete and current OpenSSH releases no longer
# support it; drop this key where protocol 1 is not required.
40 if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
41 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' 1>&2
42 chmod 600 /etc/ssh/ssh_host_key
43 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || :
# Protocol 2 RSA host key.
45 if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
46 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' 1>&2
47 chmod 600 /etc/ssh/ssh_host_rsa_key
48 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || :
# Protocol 2 DSA host key.
# NOTE(review): DSA keys are fixed at 1024 bits and are deprecated in current
# OpenSSH; prefer an Ed25519 host key (ssh-keygen -t ed25519) where the
# installed version supports it.
50 if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
51 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' 1>&2
52 chmod 600 /etc/ssh/ssh_host_dsa_key
53 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || :
# When /etc/ssh/ssh_host_key is absent, report "not running" and tell the
# operator to run "<this script> init" first.
# NOTE(review): only the protocol 1 key file is tested here, not the rsa or
# dsa host keys. The surrounding lines are missing from this listing, so which
# branch this check belongs to cannot be confirmed.
58 if [ ! -f /etc/ssh/ssh_host_key ]; then
59 msg_not_running OpenSSH
60 nls "No SSH host key found! You must run \"%s init\" first." "$0"
64 # Check whether the service is already running.
# The test looks only at the lock file, not at a live sshd process.
65 if [ ! -f /var/lock/subsys/sshd ]; then
# (The lines that start the daemon and set RETVAL are not shown in this listing.)
# Create the lock file only when RETVAL is 0.
# NOTE(review): RETVAL is unquoted; if it is empty the test itself errors out
# and the lock file is not created.
69 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
# Presumably the else branch: the lock file already exists.
71 msg_already_running OpenSSH
# Stop sshd only when the lock file says it was started by this script.
75 if [ -f /var/lock/subsys/sshd ]; then
77 # We stop sshd with start-stop-daemon because killing such a critical
78 # service by process name is unacceptable, and unfortunately rc-scripts
79 # provides no way to kill *only* by pidfile.
# (Presumably a kill by name would also end the sshd processes serving active
# sessions, including the administrator's own login.)
# NOTE(review): matching on --pidfile alone can signal an unrelated process if
# a stale pidfile is left behind; the path must also match the PidFile setting
# sshd actually uses - confirm.
# NOTE(review): in "cmd && ok || fail", fail also runs when ok itself returns
# non-zero; an if/else reports the result unambiguously.
80 start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
# The lock file is removed whether or not the stop succeeded; errors are discarded.
81 rm -f /var/lock/subsys/sshd >/dev/null 2>&1
# Presumably the else branch: no lock file, so report "not running".
83 msg_not_running OpenSSH
# Interactive host key generation (presumably the "init" action). No -N is
# passed, so ssh-keygen prompts the operator for a passphrase for each key; the
# message below warns about the consequence of setting one (its last line is
# missing from this listing).
# NOTE(review): sshd normally loads its host keys unattended at start-up;
# confirm that a passphrase-protected host key is usable in this setup.
97 nls "Now the SSH host key will be generated. Please note, that if you"
98 nls "will use password for the key, you will need to type it on each"
# SSH protocol 1 host key.
# NOTE(review): protocol 1 is obsolete and current OpenSSH releases no longer
# support it.
100 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key
# Restore the SELinux label when restorecon is installed; "|| :" keeps the
# line's exit status at 0.
101 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || :
102 chmod 600 /etc/ssh/ssh_host_key
# Protocol 2 RSA host key.
103 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
104 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || :
105 chmod 600 /etc/ssh/ssh_host_rsa_key
# Protocol 2 DSA host key.
# NOTE(review): DSA keys are fixed at 1024 bits and are deprecated in current
# OpenSSH; prefer an Ed25519 host key (ssh-keygen -t ed25519) where the
# installed version supports it.
106 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
# Here chmod runs before restorecon, the reverse of the two keys above; the
# end state is the same.
107 chmod 600 /etc/ssh/ssh_host_dsa_key
108 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || :
# Reload is attempted only when the lock file exists. The lines that signal
# the daemon are not shown in this listing.
112 if [ -f /var/lock/subsys/sshd ]; then
113 msg_reloading OpenSSH
# Presumably the else branch: no lock file, so report "not running".
117 msg_not_running OpenSSH
# Print the list of supported actions (presumably the fallback for an
# unrecognised $1; the enclosing case statement is not shown in this listing).
122 msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"