diff options
Diffstat (limited to 'sshd_support')
| -rwxr-xr-x | sshd_support | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/sshd_support b/sshd_support new file mode 100755 index 0000000..7120eaa --- /dev/null +++ b/sshd_support @@ -0,0 +1,182 @@ +#!/bin/bash +# +# Init file for OpenSSH server daemon +# +# chkconfig: 2345 55 25 +# description: OpenSSH server daemon +# +# processname: sshd +# config: /etc/ssh/ssh_host_key +# config: /etc/ssh/ssh_host_key.pub +# config: /etc/ssh/ssh_random_seed +# config: /etc/ssh/sshd_support_config +# pidfile: /var/run/sshd_support.pid + +# source function library +. /etc/rc.d/init.d/functions + +# pull in sysconfig settings +[ -f /etc/sysconfig/sshd_support ] && . /etc/sysconfig/sshd_support + +RETVAL=0 +prog="sshd_support" + +# Some functions to make the below more readable +KEYGEN=/usr/bin/ssh-keygen +SSHD=/usr/sbin/sshd +RSA1_KEY=/etc/ssh/ssh_host_key +RSA_KEY=/etc/ssh/ssh_host_rsa_key +DSA_KEY=/etc/ssh/ssh_host_dsa_key +PID_FILE=/var/run/sshd_support.pid +PID_BASENAME=sshd_support +CONFIG_FILE=/etc/ssh/sshd_support_config + +runlevel=$(set -- $(runlevel); eval "echo \$$#" ) + +do_rsa1_keygen() { + if [ ! -s $RSA1_KEY ]; then + echo -n $"Generating SSH1 RSA host key: " + if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then + chmod 600 $RSA1_KEY + chmod 644 $RSA1_KEY.pub + if [ -x /sbin/restorecon ]; then + /sbin/restorecon $RSA1_KEY.pub + fi + success $"RSA1 key generation" + echo + else + failure $"RSA1 key generation" + echo + exit 1 + fi + fi +} + +do_rsa_keygen() { + if [ ! -s $RSA_KEY ]; then + echo -n $"Generating SSH2 RSA host key: " + if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then + chmod 600 $RSA_KEY + chmod 644 $RSA_KEY.pub + if [ -x /sbin/restorecon ]; then + /sbin/restorecon $RSA_KEY.pub + fi + success $"RSA key generation" + echo + else + failure $"RSA key generation" + echo + exit 1 + fi + fi +} + +do_dsa_keygen() { + if [ ! -s $DSA_KEY ]; then + echo -n $"Generating SSH2 DSA host key: " + if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then + chmod 600 $DSA_KEY + chmod 644 $DSA_KEY.pub + if [ -x /sbin/restorecon ]; then + /sbin/restorecon $DSA_KEY.pub + fi + success $"DSA key generation" + echo + else + failure $"DSA key generation" + echo + exit 1 + fi + fi +} + +do_restart_sanity_check() +{ + $SSHD -f $CONFIG_FILE -t + RETVAL=$? + if [ ! "$RETVAL" = 0 ]; then + failure $"Configuration file or keys are invalid" + echo + fi +} + +start() +{ + # Create keys if necessary + do_rsa1_keygen + do_rsa_keygen + do_dsa_keygen + + cp -af /etc/localtime /var/empty/sshd/etc + + echo -n $"Starting $prog: " + $SSHD -f $CONFIG_FILE -o "PidFile $PID_FILE" $OPTIONS && success || failure + RETVAL=$? + [ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd_support + echo +} + +stop() +{ + echo -n $"Stopping $prog: " + if [ -n "`pidfileofproc $PID_BASENAME`" ] ; then + killproc $PID_BASENAME + else + failure $"Stopping $prog" + fi + RETVAL=$? + # if we are in halt or reboot runlevel kill all running sessions + # so the TCP connections are closed cleanly + if [ "x$runlevel" = x0 -o "x$runlevel" = x6 ] ; then + killall $prog 2>/dev/null + fi + [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd_support + echo +} + +reload() +{ + echo -n $"Reloading $prog: " + if [ -n "`pidfileofproc $PID_BASENAME`" ] ; then + killproc $PID_BASENAME -HUP + else + failure $"Reloading $prog" + fi + RETVAL=$? + echo +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + stop + start + ;; + reload) + reload + ;; + condrestart) + if [ -f /var/lock/subsys/sshd_support ] ; then + do_restart_sanity_check + if [ "$RETVAL" = 0 ] ; then + stop + # avoid race + sleep 3 + start + fi + fi + ;; + status) + status $PID_BASENAME + RETVAL=$? + ;; + *) + echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}" + RETVAL=1 +esac +exit $RETVAL |