3 # sshd sshd (secure shell daemon)
7 # description: sshd (secure shell daemon) is a server part of the ssh suite. \
8 # Ssh can be used for remote login, remote file copying, TCP port \
9 # forwarding etc. Ssh offers strong encryption and authentication.
13 # Source function library
14 . /etc/rc.d/init.d/functions
# Network settings; presumably this is where NETWORKING (tested further down) is set.
17 . /etc/sysconfig/network
# Optional per-service settings, sourced only when the file exists.
# NOTE(review): all three files are executed inside this script's shell, so
# they should be writable by root only; confirm ownership and mode on the host.
20 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
22 # Check that networking is up.
# is_yes and msg_network_down are not defined in this listing; presumably they
# come from the function library sourced earlier.
23 if is_yes "${NETWORKING}"; then
# The network lock file is required for every action except stop, status and init.
24 if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
25 msg_network_down OpenSSH
# Write SSHD_OOM_ADJUST into the OOM-killer setting of every PID listed in the pidfile.
33 if [ -e /var/run/sshd.pid ]; then
34 for pid in $(cat /var/run/sshd.pid); do
# NOTE(review): $pid comes straight from the pidfile and is expanded unquoted
# into a /proc path; checking that it is numeric before use would be safer.
# NOTE(review): oom_adj is the legacy kernel interface (newer kernels expose
# oom_score_adj); confirm which one the target kernel provides.
35 echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj
# sshd -t is test mode: it validates the configuration and keys without
# starting the daemon. A failed check ends the script with status 1.
41 /usr/sbin/sshd -t || exit 1
45 # generate new keys with empty passwords if they do not exist
# Each key is generated when its file is missing or empty (the -s test fails).
# -N '' sets an empty passphrase, so the private key is protected only by its
# file permissions; hence the chmod 600 after each generation.
# ssh-keygen output is sent to stderr (1>&2). restorecon is run only when it is
# installed, and the trailing "|| :" keeps the line's exit status at zero.
# NOTE(review): rsa1 is the SSH protocol 1 key type and dsa is a legacy
# algorithm; later OpenSSH releases dropped or disabled both. Confirm against
# the installed version and generate only the key types sshd_config still uses.
46 if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
47 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' 1>&2
48 chmod 600 /etc/ssh/ssh_host_key
49 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || :
51 if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
52 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' 1>&2
53 chmod 600 /etc/ssh/ssh_host_rsa_key
54 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || :
56 if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
57 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' 1>&2
58 chmod 600 /etc/ssh/ssh_host_dsa_key
59 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || :
# Report an error when the protocol-1 host key file is absent.
# NOTE(review): in the lines shown, only ssh_host_key is checked here; the rsa
# and dsa host keys are not.
64 if [ ! -f /etc/ssh/ssh_host_key ]; then
65 msg_not_running OpenSSH
66 nls "No SSH host key found! You must run \"%s init\" first." "$0"
70 # Check if the service is already running?
# The subsys lock file, not a process lookup, decides whether sshd counts as running.
71 if [ ! -f /var/lock/subsys/sshd ]; then
73 daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd
# RETVAL is assigned on a line that is not part of this listing.
76 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
78 msg_already_running OpenSSH
# Stop is attempted only while the subsys lock file exists.
83 if [ -f /var/lock/subsys/sshd ]; then
85 # we use start-stop-daemon to stop sshd, as it is unacceptable for such
86 # critical service as sshd to kill it by procname, but unfortunately
87 # rc-scripts does not provide way to kill *only* by pidfile
# Stopping by pidfile signals only the listener recorded there, not every
# process named sshd.
# NOTE(review): in "cmd && ok || fail", fail also runs when ok itself returns
# non-zero; an explicit if/else would report the stop result unambiguously.
88 start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
# The lock file is removed on the next line regardless of the stop result above.
89 rm -f /var/lock/subsys/sshd >/dev/null 2>&1
91 msg_not_running OpenSSH
96 # See how we were called.
# Interactive host-key generation: no -N is passed, so ssh-keygen prompts the
# operator for a passphrase for each key.
114 nls "Now the SSH host key will be generated. Please note, that if you"
115 nls "will use password for the key, you will need to type it on each"
# NOTE(review): rsa1 (SSH protocol 1) and dsa are legacy key types that later
# OpenSSH releases dropped or disabled; confirm against the installed version.
# NOTE(review): the exit status of ssh-keygen is not checked on these lines, so
# the chmod and restorecon calls run even if generation failed.
117 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key
118 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || :
119 chmod 600 /etc/ssh/ssh_host_key
120 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
121 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || :
122 chmod 600 /etc/ssh/ssh_host_rsa_key
123 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
124 chmod 600 /etc/ssh/ssh_host_dsa_key
125 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || :
# Reload is attempted only while the subsys lock file exists. The command that
# signals sshd is on a line that is not part of this listing.
129 if [ -f /var/lock/subsys/sshd ]; then
131 msg_reloading OpenSSH
135 msg_not_running OpenSSH
# Print the accepted actions. Presumably this is the fallback branch of the
# action dispatch, which is not shown in this listing.
140 msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"