etc/rc.d/sshd

#!/bin/sh
#
# $FreeBSD$
#

# PROVIDE: sshd
# REQUIRE: LOGIN FILESYSTEMS
# KEYWORD: shutdown

. /etc/rc.subr

name="sshd"
rcvar="sshd_enable"
command="/usr/sbin/${name}"
keygen_cmd="sshd_keygen"
start_precmd="sshd_precmd"
reload_precmd="sshd_configtest"
restart_precmd="sshd_configtest"
configtest_cmd="sshd_configtest"
pidfile="/var/run/${name}.pid"
extra_commands="configtest keygen reload"

: ${sshd_rsa1_enable:="yes"}
: ${sshd_rsa_enable:="yes"}
: ${sshd_dsa_enable:="yes"}
: ${sshd_ecdsa_enable:="yes"}
: ${sshd_ed25519_enable:="yes"}

sshd_keygen_alg()
{
        local alg=$1
        local ALG="$(echo $alg | tr a-z A-Z)"
        local keyfile

        if ! checkyesno "sshd_${alg}_enable" ; then
                return 0
        fi

        case $alg in
        rsa1)
                keyfile="/etc/ssh/ssh_host_key"
                ;;
        rsa|dsa|ecdsa|ed25519)
                keyfile="/etc/ssh/ssh_host_${alg}_key"
                ;;
        *)
                return 1
                ;;
        esac

        if [ ! -x /usr/bin/ssh-keygen ] ; then
                warn "/usr/bin/ssh-keygen does not exist."
                return 1
        fi

        if [ -f "${keyfile}" ] ; then
                info "$ALG host key exists."
        else
                echo "Generating $ALG host key."
                /usr/bin/ssh-keygen -q -t $alg -f "$keyfile" -N ""
                /usr/bin/ssh-keygen -l -f "$keyfile.pub"
        fi
}

sshd_keygen()
{
        sshd_keygen_alg rsa1
        sshd_keygen_alg rsa
        sshd_keygen_alg dsa
        sshd_keygen_alg ecdsa
        sshd_keygen_alg ed25519
}

sshd_configtest()
{
        echo "Performing sanity check on ${name} configuration."
        eval ${command} ${sshd_flags} -t
}

sshd_precmd()
{
        run_rc_command keygen
        run_rc_command configtest
}

load_rc_config $name
run_rc_command "$1"
1	#!/bin/sh
2	#
3	# $FreeBSD$
4	#
5
6	# PROVIDE: sshd
7	# REQUIRE: LOGIN FILESYSTEMS
8	# KEYWORD: shutdown
9
10	. /etc/rc.subr
11
12	name="sshd"
13	rcvar="sshd_enable"
14	command="/usr/sbin/${name}"
15	keygen_cmd="sshd_keygen"
16	start_precmd="sshd_precmd"
17	reload_precmd="sshd_configtest"
18	restart_precmd="sshd_configtest"
19	configtest_cmd="sshd_configtest"
20	pidfile="/var/run/${name}.pid"
21	extra_commands="configtest keygen reload"
22
23	: ${sshd_rsa1_enable:="yes"}
24	: ${sshd_rsa_enable:="yes"}
25	: ${sshd_dsa_enable:="yes"}
26	: ${sshd_ecdsa_enable:="yes"}
27	: ${sshd_ed25519_enable:="yes"}
28
29	sshd_keygen_alg()
30	{
31	local alg=$1
32	local ALG="$(echo $alg \| tr a-z A-Z)"
33	local keyfile
34
35	if ! checkyesno "sshd_${alg}_enable" ; then
36	return 0
37	fi
38
39	case $alg in
40	rsa1)
41	keyfile="/etc/ssh/ssh_host_key"
42	;;
43	rsa\|dsa\|ecdsa\|ed25519)
44	keyfile="/etc/ssh/ssh_host_${alg}_key"
45	;;
46	*)
47	return 1
48	;;
49	esac
50
51	if [ ! -x /usr/bin/ssh-keygen ] ; then
52	warn "/usr/bin/ssh-keygen does not exist."
53	return 1
54	fi
55
56	if [ -f "${keyfile}" ] ; then
57	info "$ALG host key exists."
58	else
59	echo "Generating $ALG host key."
60	/usr/bin/ssh-keygen -q -t $alg -f "$keyfile" -N ""
61	/usr/bin/ssh-keygen -l -f "$keyfile.pub"
62	fi
63	}
64
65	sshd_keygen()
66	{
67	sshd_keygen_alg rsa1
68	sshd_keygen_alg rsa
69	sshd_keygen_alg dsa
70	sshd_keygen_alg ecdsa
71	sshd_keygen_alg ed25519
72	}
73
74	sshd_configtest()
75	{
76	echo "Performing sanity check on ${name} configuration."
77	eval ${command} ${sshd_flags} -t
78	}
79
80	sshd_precmd()
81	{
82	run_rc_command keygen
83	run_rc_command configtest
84	}
85
86	load_rc_config $name
87	run_rc_command "$1"