88 lines
1.5 KiB
Bash
Executable File
88 lines
1.5 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
# PROVIDE: sshd
|
|
# REQUIRE: LOGIN FILESYSTEMS
|
|
# KEYWORD: shutdown
|
|
|
|
. /etc/rc.subr
|
|
|
|
name="sshd"
|
|
rcvar="sshd_enable"
|
|
command="/usr/sbin/${name}"
|
|
keygen_cmd="sshd_keygen"
|
|
start_precmd="sshd_precmd"
|
|
reload_precmd="sshd_configtest"
|
|
restart_precmd="sshd_configtest"
|
|
configtest_cmd="sshd_configtest"
|
|
pidfile="/var/run/${name}.pid"
|
|
extra_commands="configtest keygen reload"
|
|
|
|
: ${sshd_rsa1_enable:="yes"}
|
|
: ${sshd_rsa_enable:="yes"}
|
|
: ${sshd_dsa_enable:="yes"}
|
|
: ${sshd_ecdsa_enable:="yes"}
|
|
: ${sshd_ed25519_enable:="yes"}
|
|
|
|
sshd_keygen_alg()
|
|
{
|
|
local alg=$1
|
|
local ALG="$(echo $alg | tr a-z A-Z)"
|
|
local keyfile
|
|
|
|
if ! checkyesno "sshd_${alg}_enable" ; then
|
|
return 0
|
|
fi
|
|
|
|
case $alg in
|
|
rsa1)
|
|
keyfile="/etc/ssh/ssh_host_key"
|
|
;;
|
|
rsa|dsa|ecdsa|ed25519)
|
|
keyfile="/etc/ssh/ssh_host_${alg}_key"
|
|
;;
|
|
*)
|
|
return 1
|
|
;;
|
|
esac
|
|
|
|
if [ ! -x /usr/bin/ssh-keygen ] ; then
|
|
warn "/usr/bin/ssh-keygen does not exist."
|
|
return 1
|
|
fi
|
|
|
|
if [ -f "${keyfile}" ] ; then
|
|
info "$ALG host key exists."
|
|
else
|
|
echo "Generating $ALG host key."
|
|
/usr/bin/ssh-keygen -q -t $alg -f "$keyfile" -N ""
|
|
/usr/bin/ssh-keygen -l -f "$keyfile.pub"
|
|
fi
|
|
}
|
|
|
|
sshd_keygen()
|
|
{
|
|
sshd_keygen_alg rsa1
|
|
sshd_keygen_alg rsa
|
|
sshd_keygen_alg dsa
|
|
sshd_keygen_alg ecdsa
|
|
sshd_keygen_alg ed25519
|
|
}
|
|
|
|
sshd_configtest()
|
|
{
|
|
echo "Performing sanity check on ${name} configuration."
|
|
eval ${command} ${sshd_flags} -t
|
|
}
|
|
|
|
sshd_precmd()
|
|
{
|
|
run_rc_command keygen
|
|
run_rc_command configtest
|
|
}
|
|
|
|
load_rc_config $name
|
|
run_rc_command "$1"
|