From 631e05bb3e705d0665d0606ac482567de4b70a44 Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Sat, 26 Feb 2011 13:00:36 +0000 Subject: main/openssh: generate ecdsa host key --- main/openssh/sshd.initd | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) (limited to 'main/openssh/sshd.initd') diff --git a/main/openssh/sshd.initd b/main/openssh/sshd.initd index 34852c4e31..d1e6e16d40 100644 --- a/main/openssh/sshd.initd +++ b/main/openssh/sshd.initd @@ -1,9 +1,9 @@ #!/sbin/runscript -# Copyright 1999-2006 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6,v 1.23 2007/09/20 07:38:06 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6.2,v 1.1 2011/01/24 02:55:47 vapier Exp $ -opts="reload" +opts="${opts} reload checkconfig gen_keys" depend() { use logger dns 
@@ -31,20 +31,23 @@ checkconfig() { "${SSHD_BINARY}" -t ${myopts} || return 1 } -gen_keys() { - if [ ! -e "${SSHD_CONFDIR}"/ssh_host_key ] ; then - einfo "Generating Hostkey..." - /usr/bin/ssh-keygen -t rsa1 -b 1024 -f "${SSHD_CONFDIR}"/ssh_host_key -N '' || return 1 - fi - if [ ! -e "${SSHD_CONFDIR}"/ssh_host_dsa_key ] ; then - einfo "Generating DSA-Hostkey..." - /usr/bin/ssh-keygen -d -f "${SSHD_CONFDIR}"/ssh_host_dsa_key -N '' || return 1 +gen_key() { + local type=$1 key ks + [ $# -eq 1 ] && ks="${type}_" + key="${SSHD_CONFDIR}/ssh_host_${ks}key" + if [ ! -e "${key}" ] ; then + ebegin "Generating ${type} host key" + ssh-keygen -t ${type} -f "${key}" -N '' + eend $? || return $? fi - if [ ! -e "${SSHD_CONFDIR}"/ssh_host_rsa_key ] ; then - einfo "Generating RSA-Hostkey..." - /usr/bin/ssh-keygen -t rsa -f "${SSHD_CONFDIR}"/ssh_host_rsa_key -N '' || return 1 +} + +gen_keys() { + if egrep -q '^[[:space:]]*Protocol[[:space:]]+.*1' "${SSHD_CONFDIR}"/sshd_config ; then + gen_key rsa1 "" || return 1 fi - return 0 + gen_key dsa && gen_key rsa && gen_key ecdsa + return $? } start() { @@ -74,6 +77,7 @@ stop() { } reload() { + checkconfig || return 1 ebegin "Reloading ${SVCNAME}" start-stop-daemon --stop --signal HUP --oknodo \ --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}" -- cgit v1.2.3
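Review bot: In the `gen_key` hunk (`@@ -31,20 +31,23 @@`), `ssh-keygen` is now resolved through `PATH`, where the removed lines called `/usr/bin/ssh-keygen`. For a root-run script that creates the host's private keys I would keep the absolute path and quote the type, `/usr/bin/ssh-keygen -t "${type}" -f "${key}" -N ''`, unless the service runner is known to pin `PATH`. The key file name is chosen from the argument count (`[ $# -eq 1 ] && ks="${type}_"`), so `gen_key rsa1 ""` yields `ssh_host_key` only because of the empty second argument; a comment above that test, such as `# a second (empty) argument selects the legacy un-suffixed ssh_host_key name`, would make this explicit. Also, `gen_key dsa && gen_key rsa && gen_key ecdsa` makes `gen_keys` return non-zero if any single type cannot be generated, for example with an `ssh-keygen` built without ECDSA support; whether that blocks startup depends on `start()`, whose body lies outside the hunk.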