Home Explore Help
Register Sign In
vinelinux
/
specs
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 3b44d16f73
Branches Tags
specs
/
o
/
openssh
/
sshd.init

sshd.init 5.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257 
  1. #!/bin/bash
    2. 

  2. #
    3. 

  3. # sshd		Start up the OpenSSH server daemon
    4. 

  4. #
    5. 

  5. # chkconfig: 2345 55 25
    6. 

  6. # description: SSH is a protocol for secure remote shell access. \
    7. 

  7. #              This service starts up the OpenSSH server daemon.
    8. 

  8. #
    9. 

  9. # processname: sshd
    10. 

  10. # config: /etc/ssh/ssh_host_key
    11. 

  11. # config: /etc/ssh/ssh_host_key.pub
    12. 

  12. # config: /etc/ssh/ssh_random_seed
    13. 

  13. # config: /etc/ssh/sshd_config
    14. 

  14. # pidfile: /var/run/sshd.pid
    15. 

  15. 

  16. ### BEGIN INIT INFO
    17. 

  17. # Provides: sshd
    18. 

  18. # Required-Start: $local_fs $network $syslog
    19. 

  19. # Required-Stop: $local_fs $syslog
    20. 

  20. # Should-Start: $syslog
    21. 

  21. # Should-Stop: $network $syslog
    22. 

  22. # Default-Start: 2 3 4 5
    23. 

  23. # Default-Stop: 0 1 6
    24. 

  24. # Short-Description: Start up the OpenSSH server daemon
    25. 

  25. # Description:       SSH is a protocol for secure remote shell access.
    26. 

  26. #		     This service starts up the OpenSSH server daemon.
    27. 

  27. ### END INIT INFO
    28. 

  28. 

  29. # source function library
    30. 

  30. . /etc/rc.d/init.d/functions
    31. 

  31. 

  32. # pull in sysconfig settings
    33. 

  33. [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
    34. 

  34. 

  35. RETVAL=0
    36. 

  36. prog="sshd"
    37. 

  37. lockfile=/var/lock/subsys/$prog
    38. 

  38. 

  39. # Some functions to make the below more readable
    40. 

  40. KEYGEN=/usr/bin/ssh-keygen
    41. 

  41. SSHD=/usr/sbin/sshd
    42. 

  42. RSA1_KEY=/etc/ssh/ssh_host_key
    43. 

  43. RSA_KEY=/etc/ssh/ssh_host_rsa_key
    44. 

  44. DSA_KEY=/etc/ssh/ssh_host_dsa_key
    45. 

  45. ECDSA_KEY=/etc/ssh/ssh_host_ecdsa_key
    46. 

  46. PID_FILE=/var/run/sshd.pid
    47. 

  47. 

  48. runlevel=$(set -- $(runlevel); eval "echo \$$#" )
    49. 

  49. 

  50. do_rsa1_keygen() {
    51. 

  51. 	if [ ! -s $RSA1_KEY ]; then
    52. 

  52. 		echo -n $"Generating SSH1 RSA host key: "
    53. 

  53. 		rm -f $RSA1_KEY
    54. 

  54. 		if test ! -f $RSA1_KEY && $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
    55. 

  55. 			chmod 600 $RSA1_KEY
    56. 

  56. 			chmod 644 $RSA1_KEY.pub
    57. 

  57. 			if [ -x /sbin/restorecon ]; then
    58. 

  58. 			    /sbin/restorecon $RSA1_KEY.pub
    59. 

  59. 			fi
    60. 

  60. 			success $"RSA1 key generation"
    61. 

  61. 			echo
    62. 

  62. 		else
    63. 

  63. 			failure $"RSA1 key generation"
    64. 

  64. 			echo
    65. 

  65. 			exit 1
    66. 

  66. 		fi
    67. 

  67. 	fi
    68. 

  68. }
    69. 

  69. 

  70. do_rsa_keygen() {
    71. 

  71. 	if [ ! -s $RSA_KEY ]; then
    72. 

  72. 		echo -n $"Generating SSH2 RSA host key: "
    73. 

  73. 		rm -f $RSA_KEY
    74. 

  74. 		if test ! -f $RSA_KEY && $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
    75. 

  75. 			chmod 600 $RSA_KEY
    76. 

  76. 			chmod 644 $RSA_KEY.pub
    77. 

  77. 			if [ -x /sbin/restorecon ]; then
    78. 

  78. 			    /sbin/restorecon $RSA_KEY.pub
    79. 

  79. 			fi
    80. 

  80. 			success $"RSA key generation"
    81. 

  81. 			echo
    82. 

  82. 		else
    83. 

  83. 			failure $"RSA key generation"
    84. 

  84. 			echo
    85. 

  85. 			exit 1
    86. 

  86. 		fi
    87. 

  87. 	fi
    88. 

  88. }
    89. 

  89. 

  90. do_dsa_keygen() {
    91. 

  91. 	if [ ! -s $DSA_KEY ]; then
    92. 

  92. 		echo -n $"Generating SSH2 DSA host key: "
    93. 

  93. 		rm -f $DSA_KEY
    94. 

  94. 		if test ! -f $DSA_KEY && $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
    95. 

  95. 			chmod 600 $DSA_KEY
    96. 

  96. 			chmod 644 $DSA_KEY.pub
    97. 

  97. 			if [ -x /sbin/restorecon ]; then
    98. 

  98. 			    /sbin/restorecon $DSA_KEY.pub
    99. 

  99. 			fi
    100. 

  100. 			success $"DSA key generation"
    101. 

  101. 			echo
    102. 

  102. 		else
    103. 

  103. 			failure $"DSA key generation"
    104. 

  104. 			echo
    105. 

  105. 			exit 1
    106. 

  106. 		fi
    107. 

  107. 	fi
    108. 

  108. }
    109. 

  109. 

  110. do_ecdsa_keygen() {
    111. 

  111. 	if [ ! -s $ECDSA_KEY ]; then
    112. 

  112. 		echo -n $"Generating SSH2 ECDSA host key: "
    113. 

  113. 		rm -f $ECDSA_KEY
    114. 

  114. 		if test ! -f $ECDSA_KEY && $KEYGEN -q -t ecdsa -f $ECDSA_KEY -C '' -N '' >&/dev/null; then
    115. 

  115. 			chmod 600 $ECDSA_KEY
    116. 

  116. 			chmod 644 $ECDSA_KEY.pub
    117. 

  117. 			if [ -x /sbin/restorecon ]; then
    118. 

  118. 			    /sbin/restorecon $ECDSA_KEY.pub
    119. 

  119. 			fi
    120. 

  120. 			success $"ECDSA key generation"
    121. 

  121. 			echo
    122. 

  122. 		else
    123. 

  123. 			failure $"ECDSA key generation"
    124. 

  124. 			echo
    125. 

  125. 			exit 1
    126. 

  126. 		fi
    127. 

  127. 	fi
    128. 

  128. }
    129. 

  129. 

  130. do_restart_sanity_check()
    131. 

  131. {
    132. 

  132. 	$SSHD -t
    133. 

  133. 	RETVAL=$?
    134. 

  134. 	if [ $RETVAL -ne  0 ]; then
    135. 

  135. 		failure $"Configuration file or keys are invalid"
    136. 

  136. 		echo
    137. 

  137. 	fi
    138. 

  138. }
    139. 

  139. 

  140. start() {
    141. 

  141. 	[ -x $SSHD ] || exit 5
    142. 

  142. 	[ -f /etc/ssh/sshd_config ] || exit 6
    143. 

  143. 	# Create keys if necessary
    144. 

  144. 	if [ "x${AUTOCREATE_SERVER_KEYS}" != xNO ]; then
    145. 

  145. 		do_rsa_keygen
    146. 

  146. 		if [ "x${AUTOCREATE_SERVER_KEYS}" != xRSAONLY ]; then
    147. 

  147. 			do_rsa1_keygen
    148. 

  148. 			do_dsa_keygen
    149. 

  149. 			do_ecdsa_keygen
    150. 

  150. 		fi
    151. 

  151. 	fi
    152. 

  152. 

  153. 	cp -af /etc/localtime /var/empty/sshd/etc
    154. 

  154. 

  155. 	echo -n $"Starting $prog: "
    156. 

  156. 	$SSHD $OPTIONS && success || failure
    157. 

  157. 	RETVAL=$?
    158. 

  158. 	[ $RETVAL -eq 0 ] && touch $lockfile
    159. 

  159. 	echo
    160. 

  160. 	return $RETVAL
    161. 

  161. }
    162. 

  162. 

  163. stop() {
    164. 

  164. 	echo -n $"Stopping $prog: "
    165. 

  165. 	if [ -n "`pidfileofproc $SSHD`" ] ; then
    166. 

  166. 	    killproc $SSHD
    167. 

  167. 	else
    168. 

  168. 	    failure $"Stopping $prog"
    169. 

  169. 	fi
    170. 

  170. 	RETVAL=$?
    171. 

  171. 	# if we are in halt or reboot runlevel kill all running sessions
    172. 

  172. 	# so the TCP connections are closed cleanly
    173. 

  173. 	if [ "x$runlevel" = x0 -o "x$runlevel" = x6 ] ; then
    174. 

  174. 	    trap '' TERM
    175. 

  175. 	    killall $prog 2>/dev/null
    176. 

  176. 	    trap TERM
    177. 

  177. 	fi
    178. 

  178. 	[ $RETVAL -eq 0 ] && rm -f $lockfile
    179. 

  179. 	echo
    180. 

  180. }
    181. 

  181. 

  182. reload() {
    183. 

  183. 	echo -n $"Reloading $prog: "
    184. 

  184. 	if [ -n "`pidfileofproc $SSHD`" ] ; then
    185. 

  185. 	    killproc $SSHD -HUP
    186. 

  186. 	else
    187. 

  187. 	    failure $"Reloading $prog"
    188. 

  188. 	fi
    189. 

  189. 	RETVAL=$?
    190. 

  190. 	echo
    191. 

  191. }
    192. 

  192. 

  193. restart() {
    194. 

  194. 	stop
    195. 

  195. 	start
    196. 

  196. }
    197. 

  197. 

  198. force_reload() {
    199. 

  199. 	restart
    200. 

  200. }
    201. 

  201. 

  202. do_status() {
    203. 

  203. 	status -p $PID_FILE openssh-daemon
    204. 

  204. }
    205. 

  205. 

  206. is_running() {
    207. 

  207. 	do_status >/dev/null 2>&1
    208. 

  208. }
    209. 

  209. 

  210. case "$1" in
    211. 

  211. 	start)
    212. 

  212. 		is_running && exit 0
    213. 

  213. 		start
    214. 

  214. 		;;
    215. 

  215. 	stop)
    216. 

  216. 		if ! is_running; then
    217. 

  217. 			rm -f $lockfile
    218. 

  218. 			exit 0
    219. 

  219. 		fi
    220. 

  220. 		stop
    221. 

  221. 		;;
    222. 

  222. 	restart)
    223. 

  223. 		restart
    224. 

  224. 		;;
    225. 

  225. 	reload)
    226. 

  226. 		is_running || exit 7
    227. 

  227. 		reload
    228. 

  228. 		;;
    229. 

  229. 	force-reload)
    230. 

  230. 		force_reload
    231. 

  231. 		;;
    232. 

  232. 	condrestart|try-restart)
    233. 

  233. 		is_running || exit 0
    234. 

  234. 		if [ -f $lockfile ] ; then
    235. 

  235. 			do_restart_sanity_check
    236. 

  236. 			if [ $RETVAL -eq 0 ] ; then
    237. 

  237. 				stop
    238. 

  238. 				# avoid race
    239. 

  239. 				sleep 3
    240. 

  240. 				start
    241. 

  241. 			else
    242. 

  242. 				RETVAL=6
    243. 

  243. 			fi
    244. 

  244. 		fi
    245. 

  245. 		;;
    246. 

  246. 	status)
    247. 

  247. 		do_status
    248. 

  248. 		RETVAL=$?
    249. 

  249. 		if [ $RETVAL -eq 3 -a -f $lockfile ] ; then
    250. 

  250. 			RETVAL=2
    251. 

  251. 		fi
    252. 

  252. 		;;
    253. 

  253. 	*)
    254. 

  254. 		echo $"Usage: $0 {start|stop|restart|reload|force-reload|condrestart|try-restart|status}"
    255. 

  255. 		RETVAL=2
    256. 

  256. esac
    257. 

  257. exit $RETVAL
    258.