main/openssh/sshd.initd


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

#!/sbin/runscript
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6.3,v 1.2 2011/09/14 21:46:19 polynomial-c Exp $

extra_commands="checkconfig gen_keys"
extra_started_commands="reload"

depend() {
	use logger dns
	need net
	after firewall
}

SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh}
SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}.pid}
SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd}

checkconfig() {
	if [ ! -d /var/empty ] ; then
		mkdir -p /var/empty || return 1
	fi

	if [ ! -e "${SSHD_CONFDIR}"/sshd_config ] ; then
		eerror "You need an ${SSHD_CONFDIR}/sshd_config file to run sshd"
		eerror "There is a sample file in /usr/share/doc/openssh"
		return 1
	fi

	gen_keys || return 1

	[ "${SSHD_PIDFILE}" != "/var/run/sshd.pid" ] \
		&& SSHD_OPTS="${SSHD_OPTS} -o PidFile=${SSHD_PIDFILE}"
	[ "${SSHD_CONFDIR}" != "/etc/ssh" ] \
		&& SSHD_OPTS="${SSHD_OPTS} -f ${SSHD_CONFDIR}/sshd_config"

	"${SSHD_BINARY}" -t ${SSHD_OPTS} || return 1
}

gen_key() {
	local type=$1 key ks
	[ $# -eq 1 ] && ks="${type}_"
	key="${SSHD_CONFDIR}/ssh_host_${ks}key"
	if [ ! -e "${key}" ] ; then
		ebegin "Generating ${type} host key"
		ssh-keygen -t ${type} -f "${key}" -N ''
		eend $? || return $?
	fi
}

gen_keys() {
	if egrep -q '^[[:space:]]*Protocol[[:space:]]+.*1' "${SSHD_CONFDIR}"/sshd_config ; then
		gen_key rsa1 "" || return 1
	fi
	gen_key dsa && gen_key rsa && gen_key ecdsa
	return $?
}

start() {
	checkconfig || return 1

	ebegin "Starting ${SVCNAME}"
	start-stop-daemon --start --exec "${SSHD_BINARY}" \
	    --pidfile "${SSHD_PIDFILE}" \
	    -- ${SSHD_OPTS}
	eend $?
}

stop() {
	if [ "${RC_CMD}" = "restart" ] ; then
		checkconfig || return 1
	fi

	ebegin "Stopping ${SVCNAME}"
	start-stop-daemon --stop --exec "${SSHD_BINARY}" \
	    --pidfile "${SSHD_PIDFILE}" --quiet
	eend $?

	if [ "$RC_RUNLEVEL" = "shutdown" ]; then
		_sshd_pids=$(pgrep "${SSHD_BINARY##*/}")
		if [ -n "$_sshd_pids" ]; then
			ebegin "Shutting down ssh connections"
			kill -TERM $_sshd_pids >/dev/null 2>&1
			eend 0
		fi
	fi
}

reload() {
	checkconfig || return 1
	ebegin "Reloading ${SVCNAME}"
	start-stop-daemon --signal HUP \
	    --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}"
	eend $?
}