#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: sshd
# REQUIRE: LOGIN FILESYSTEMS
# KEYWORD: shutdown
. /etc/rc.subr
# rc.subr service description for sshd.
name=sshd
rcvar=sshd_enable
command="/usr/sbin/${name}"
pidfile="/var/run/${name}.pid"

# Extra sub-commands offered by this script and the functions behind them.
extra_commands="configtest keygen reload"
keygen_cmd=sshd_keygen
configtest_cmd=sshd_configtest

# start generates missing host keys and tests the configuration first;
# reload and restart only run the configuration test.
start_precmd=sshd_precmd
reload_precmd=sshd_configtest
restart_precmd=sshd_configtest

# Host key types: each is enabled here unless the variable already holds a
# non-empty value when this line runs.
# NOTE(review): rsa1 (SSH protocol 1) and dsa are legacy key types that later
# OpenSSH releases no longer accept; set sshd_rsa1_enable / sshd_dsa_enable
# to "no" where no client depends on them.
: "${sshd_rsa1_enable:=yes}"
: "${sshd_rsa_enable:=yes}"
: "${sshd_dsa_enable:=yes}"
: "${sshd_ecdsa_enable:=yes}"
: "${sshd_ed25519_enable:=yes}"
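# Generate the host key for one key type unless it already exists.
#
# Arguments: $1 - key type: rsa1, rsa, dsa, ecdsa or ed25519
# Globals:   sshd_<type>_enable (read through checkyesno)
# Outputs:   progress message and the new key's fingerprint on stdout
# Returns:   0 when the type is disabled; 1 for an unknown type, when
#            /usr/bin/ssh-keygen is not executable, or when key generation
#            fails; otherwise the status of the last command run (info for
#            an existing key, the fingerprint listing for a new one).
#
# NOTE(review): rsa1 (SSH protocol 1) and dsa are legacy key types that later
# OpenSSH releases no longer accept; disable them through rc.conf where no
# client depends on them.
sshd_keygen_alg()
{
	local alg="$1"
	local ALG
	local keyfile

	# Upper-case name, used only in messages. The tr ranges are quoted so
	# the shell can never glob-expand them against the working directory.
	ALG=$(echo "$alg" | tr 'a-z' 'A-Z')

	if ! checkyesno "sshd_${alg}_enable" ; then
		return 0
	fi

	# Only the listed key types are accepted, so $alg is safe to embed in
	# the key file path below.
	case "$alg" in
	rsa1)
		keyfile="/etc/ssh/ssh_host_key"
		;;
	rsa|dsa|ecdsa|ed25519)
		keyfile="/etc/ssh/ssh_host_${alg}_key"
		;;
	*)
		return 1
		;;
	esac

	if [ ! -x /usr/bin/ssh-keygen ] ; then
		warn "/usr/bin/ssh-keygen does not exist."
		return 1
	fi

	if [ -f "${keyfile}" ] ; then
		info "$ALG host key exists."
	else
		echo "Generating $ALG host key."
		# -N "" stores the private key without a passphrase so the
		# daemon can load it unattended; the key is then protected by
		# file permissions alone.
		if ! /usr/bin/ssh-keygen -q -t "$alg" -f "$keyfile" -N "" ; then
			# Stop here instead of trying to print the fingerprint
			# of a public key that was never written.
			warn "Could not generate $ALG host key."
			return 1
		fi
		/usr/bin/ssh-keygen -l -f "$keyfile.pub"
	fi
}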
# Handler for the "keygen" sub-command: runs sshd_keygen_alg once for every
# supported host key type, in a fixed order.
#
# Returns: the status of the last sshd_keygen_alg call (ed25519); failures
#          for earlier key types do not stop the loop.
sshd_keygen()
{
	local _sshd_alg

	for _sshd_alg in rsa1 rsa dsa ecdsa ed25519; do
		sshd_keygen_alg "$_sshd_alg"
	done
}
# Handler for the "configtest" sub-command: runs ${command} with the
# configured flags plus -t.
#
# Globals: name, command, sshd_flags (all read)
# Returns: the status of the evaluated command.
sshd_configtest()
{
	printf '%s\n' "Performing sanity check on ${name} configuration."
	# eval makes the shell parse the contents of sshd_flags a second time,
	# so any shell syntax in that variable is executed. Whatever sets
	# sshd_flags (presumably rc.conf - confirm) must be writable by root
	# only.
	eval ${command} ${sshd_flags} -t
}
# start_precmd hook: runs the keygen sub-command, then configtest.
#
# Returns: the status of the configtest run; the keygen status is not
#          checked.
sshd_precmd()
{
	local _sshd_pre_step

	for _sshd_pre_step in keygen configtest; do
		run_rc_command "$_sshd_pre_step"
	done
}
# Load the configuration for this service, then dispatch the sub-command
# given as the script's first argument.
load_rc_config "${name}"
run_rc_command "$1"