3 # sshd sshd (secure shell daemon)
7 # description: sshd (secure shell daemon) is a server part of the ssh suite. \
8 # Ssh can be used for remote login, remote file copying, TCP port \
9 # forwarding etc. Ssh offers strong encryption and authentication.
13 # Source function library
14 . /etc/rc.d/init.d/functions
17 . /etc/sysconfig/network
20 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
22 # Check that networking is up.
23 if is_yes "${NETWORKING}"; then
24 if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
25 msg_network_down "OpenSSH"
33 if [ -e /var/run/sshd.pid ]; then
34 for pid in $(cat /var/run/sshd.pid); do
35 if [ -e /proc/$pid/oom_score_adj ]; then
36 echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_score_adj
38 echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj
45 /usr/sbin/sshd -t || exit 1
49 # generate new keys with empty passwords if they do not exist
50 if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
51 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
52 chmod 600 /etc/ssh/ssh_host_key
53 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
55 if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
56 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
57 chmod 600 /etc/ssh/ssh_host_rsa_key
58 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
60 if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
61 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
62 chmod 600 /etc/ssh/ssh_host_dsa_key
63 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
68 # Check if the service is already running?
69 if [ -f /var/lock/subsys/sshd ]; then
70 msg_already_running "OpenSSH"
78 if [ ! -s /etc/ssh/ssh_host_key ]; then
79 msg_not_running "OpenSSH"
80 nls "No SSH host key found! You must run \"%s init\" first." "$0"
84 if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
87 if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
91 msg_starting "OpenSSH"
92 daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
95 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
99 if [ -f /var/lock/subsys/sshd ]; then
100 msg_stopping "OpenSSH"
101 # we use start-stop-daemon to stop sshd, as it is unacceptable for such
102 # critical service as sshd to kill it by procname, but unfortunately
103 # rc-scripts does not provide way to kill *only* by pidfile
104 start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
105 rm -f /var/lock/subsys/sshd >/dev/null 2>&1
107 msg_not_running "OpenSSH"
111 upstart_controlled --except init configtest
114 # See how we were called.
132 nls "Now the SSH host key will be generated. Please note, that if you"
133 nls "will use password for the key, you will need to type it on each"
141 if [ -f /var/lock/subsys/sshd ]; then
143 msg_reloading "OpenSSH"
147 msg_not_running "OpenSSH"
152 msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"