3 # sshd sshd (secure shell daemon)
7 # description: sshd (secure shell daemon) is a server part of the ssh suite. \
8 # Ssh can be used for remote login, remote file copying, TCP port \
9 # forwarding etc. Ssh offers strong encryption and authentication.
13 # Source function library
14 . /etc/rc.d/init.d/functions
17 . /etc/sysconfig/network
20 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
22 # Check that networking is up.
23 if is_yes "${NETWORKING}"; then
24 if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
25 msg_network_down "OpenSSH"
33 if [ -e /var/run/sshd.pid ]; then
34 for pid in $(cat /var/run/sshd.pid); do
35 echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_score_adj
41 /usr/sbin/sshd -t || exit 1
45 # generate new keys with empty passwords if they do not exist
46 if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
47 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
48 chmod 600 /etc/ssh/ssh_host_key
49 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
51 if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
52 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
53 chmod 600 /etc/ssh/ssh_host_rsa_key
54 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
56 if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
57 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
58 chmod 600 /etc/ssh/ssh_host_dsa_key
59 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
61 if [ ! -f /etc/ssh/ssh_host_ecdsa_key -o ! -s /etc/ssh/ssh_host_ecdsa_key ]; then
62 /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' >&2
63 chmod 600 /etc/ssh/ssh_host_ecdsa_key
64 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_ecdsa_key
69 # Check if the service is already running?
70 if [ -f /var/lock/subsys/sshd ]; then
71 msg_already_running "OpenSSH"
79 if [ ! -s /etc/ssh/ssh_host_key ]; then
80 msg_not_running "OpenSSH"
81 nls "No SSH host key found! You must run \"%s init\" first." "$0"
85 if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
88 if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
92 msg_starting "OpenSSH"
93 daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
96 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
100 if [ -f /var/lock/subsys/sshd ]; then
101 msg_stopping "OpenSSH"
102 # we use start-stop-daemon to stop sshd, as it is unacceptable for such
103 # critical service as sshd to kill it by procname, but unfortunately
104 # rc-scripts does not provide way to kill *only* by pidfile
105 start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
106 rm -f /var/lock/subsys/sshd >/dev/null 2>&1
108 msg_not_running "OpenSSH"
112 upstart_controlled --except init configtest
115 # See how we were called.
133 nls "Now the SSH host key will be generated. Please note, that if you"
134 nls "will use password for the key, you will need to type it on each"
142 if [ -f /var/lock/subsys/sshd ]; then
144 msg_reloading "OpenSSH"
148 msg_not_running "OpenSSH"
153 msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"