#!/bin/bash
#
# Init file for OpenSSH server daemon
#
# chkconfig: 2345 55 25
# description: OpenSSH server daemon
#
# processname: sshd
# config: /etc/ssh/ssh_host_key
# config: /etc/ssh/ssh_host_key.pub
# config: /etc/ssh/ssh_random_seed
# config: /etc/ssh/sshd_config
# pidfile: /var/run/sshd.pid

# Load the distribution's init helper library. The dispatch code further down
# calls killproc and status, which this script does not define itself
# (presumably they come from this file).
. /etc/rc.d/init.d/functions

# Optional site settings. The file is executed in this shell with the
# privileges of whoever runs the init script, so it should be writable by root
# only. $OPTIONS (extra sshd arguments used at start) is not assigned anywhere
# in this script, so it presumably comes from here.
if [ -f /etc/sysconfig/sshd ]; then
	. /etc/sysconfig/sshd
fi

# Everything below is assigned after the sysconfig file has been read, so that
# file cannot override these values.
RETVAL=0
prog='sshd'

# Fixed locations of the binaries, host keys and PID file.
KEYGEN='/usr/bin/ssh-keygen'
SSHD='/usr/sbin/sshd'
RSA1_KEY='/etc/ssh/ssh_host_key'
RSA_KEY='/etc/ssh/ssh_host_rsa_key'
DSA_KEY='/etc/ssh/ssh_host_dsa_key'
PID_FILE='/var/run/sshd.pid'
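#######################################
# Report that one init step succeeded.
# Arguments:
#   $1 - step description; passed to success() when a shell function of
#        that name is defined
#   $2 - optional fallback text (default "done"), printed when success()
#        is not defined as a function
# Outputs:
#   The fallback text on stdout, without a trailing newline.
#######################################
my_success() {
  local msg="done"
  if [ $# -gt 1 ]; then
    msg=$2
  fi
  # `type -t` is the documented spelling of the obsolescent `-type` option.
  if [ "$(type -t success)" = "function" ]; then
    success "$1"
  else
    # printf rather than `echo -n`, so a message that looks like an echo
    # option (for example "-e") is still printed literally.
    printf '%s' "$msg"
  fi
}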
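#######################################
# Report that one init step failed.
# Arguments:
#   $1 - step description; passed to failure() when a shell function of
#        that name is defined
#   $2 - optional fallback text (default "FAILED"), printed when failure()
#        is not defined as a function
# Outputs:
#   The fallback text on stdout, without a trailing newline.
#######################################
my_failure() {
  local msg="FAILED"
  if [ $# -gt 1 ]; then
    msg=$2
  fi
  # `type -t` is the documented spelling of the obsolescent `-type` option.
  if [ "$(type -t failure)" = "function" ]; then
    failure "$1"
  else
    # printf rather than `echo -n`, so a message that looks like an echo
    # option (for example "-e") is still printed literally.
    printf '%s' "$msg"
  fi
}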
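#######################################
# Create the SSH protocol 1 RSA host key when it is missing or empty.
# Globals:   RSA1_KEY (read), KEYGEN (read)
# Outputs:   progress text on stdout
# Returns:   exits the script with status 1 when generation fails
#
# NOTE(review): protocol 1 is obsolete and OpenSSH has since removed it. A
# ssh-keygen without rsa1 support makes this function exit 1, which aborts
# "start" before sshd is launched. Confirm this key type is still wanted.
#######################################
do_rsa1_keygen() {
	if [ ! -s "$RSA1_KEY" ]; then
		printf '%s' "Generating SSH1 RSA host key: "
		# A zero-length leftover (e.g. from an interrupted run) would make
		# ssh-keygen ask whether to overwrite it. Remove it first, and
		# read from /dev/null so no prompt can ever block the boot.
		rm -f -- "$RSA1_KEY"
		if [ ! -e "$RSA1_KEY" ] &&
			"$KEYGEN" -q -t rsa1 -f "$RSA1_KEY" -C '' -N '' </dev/null >/dev/null 2>&1; then
			# The key has no passphrase (-N ''), so its file mode is the
			# only thing protecting it: set both modes explicitly.
			chmod 600 "$RSA1_KEY"
			chmod 644 "$RSA1_KEY.pub"
			my_success "RSA1 key generation"
			echo
		else
			my_failure "RSA1 key generation"
			echo
			exit 1
		fi
	fi
}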
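#######################################
# Create the SSH protocol 2 RSA host key when it is missing or empty.
# Globals:   RSA_KEY (read), KEYGEN (read)
# Outputs:   progress text on stdout
# Returns:   exits the script with status 1 when generation fails
#######################################
do_rsa_keygen() {
	if [ ! -s "$RSA_KEY" ]; then
		printf '%s' "Generating SSH2 RSA host key: "
		# A zero-length leftover (e.g. from an interrupted run) would make
		# ssh-keygen ask whether to overwrite it. Remove it first, and
		# read from /dev/null so no prompt can ever block the boot.
		rm -f -- "$RSA_KEY"
		if [ ! -e "$RSA_KEY" ] &&
			"$KEYGEN" -q -t rsa -f "$RSA_KEY" -C '' -N '' </dev/null >/dev/null 2>&1; then
			# The key has no passphrase (-N ''), so its file mode is the
			# only thing protecting it: set both modes explicitly.
			chmod 600 "$RSA_KEY"
			chmod 644 "$RSA_KEY.pub"
			my_success "RSA key generation"
			echo
		else
			my_failure "RSA key generation"
			echo
			exit 1
		fi
	fi
}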
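#######################################
# Create the SSH protocol 2 DSA host key when it is missing or empty.
# Globals:   DSA_KEY (read), KEYGEN (read)
# Outputs:   progress text on stdout
# Returns:   exits the script with status 1 when generation fails
#
# NOTE(review): DSA host keys are deprecated in current OpenSSH. If the
# installed ssh-keygen rejects "-t dsa", this function exits 1 and "start"
# never reaches sshd. Confirm this key type is still wanted.
#######################################
do_dsa_keygen() {
	if [ ! -s "$DSA_KEY" ]; then
		printf '%s' "Generating SSH2 DSA host key: "
		# A zero-length leftover (e.g. from an interrupted run) would make
		# ssh-keygen ask whether to overwrite it. Remove it first, and
		# read from /dev/null so no prompt can ever block the boot.
		rm -f -- "$DSA_KEY"
		if [ ! -e "$DSA_KEY" ] &&
			"$KEYGEN" -q -t dsa -f "$DSA_KEY" -C '' -N '' </dev/null >/dev/null 2>&1; then
			# The key has no passphrase (-N ''), so its file mode is the
			# only thing protecting it: set both modes explicitly.
			chmod 600 "$DSA_KEY"
			chmod 644 "$DSA_KEY.pub"
			my_success "DSA key generation"
			echo
		else
			my_failure "DSA key generation"
			echo
			exit 1
		fi
	fi
}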
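#######################################
# Run sshd in test mode (-t) before a restart.
# Globals:   SSHD (read), RETVAL (written: exit status of "sshd -t")
# Outputs:   a failure report on stdout when the check fails
# Returns:   the status of "sshd -t", so a caller can test this function
#            directly instead of reading RETVAL (it previously always
#            returned 0)
#######################################
do_restart_sanity_check() {
	"$SSHD" -t
	RETVAL=$?
	if [ "$RETVAL" -ne 0 ]; then
		my_failure "Configuration file or keys"
		echo
	fi
	return "$RETVAL"
}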
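# Dispatch on the requested action. RETVAL carries the exit status.
case "$1" in
	start)
		# Create keys if necessary
		do_rsa1_keygen
		do_rsa_keygen
		do_dsa_keygen

		echo -n "Starting sshd: "
		# NOTE(review): when the PID file exists nothing is started and
		# RETVAL stays 0, so a stale PID file left by a crash silently
		# blocks start. Confirm that is intended.
		if [ ! -f "$PID_FILE" ]; then
			# Run the binary by its absolute path ($SSHD) instead of
			# whatever "sshd" resolves to through the caller's PATH.
			# $OPTIONS is left unquoted on purpose so it can carry
			# several arguments.
			"$SSHD" $OPTIONS
			RETVAL=$?
			if [ "$RETVAL" = "0" ]; then
				my_success "sshd startup" "sshd"
				touch /var/lock/subsys/sshd
			else
				my_failure "sshd startup" ""
			fi
		fi
		echo
		;;
	stop)
		echo -n "Shutting down sshd: "
		if [ -f "$PID_FILE" ]; then
			killproc sshd
			RETVAL=$?
			# Drop the subsystem lock only once the daemon is gone.
			[ "$RETVAL" -eq 0 ] && rm -f /var/lock/subsys/sshd
		fi
		echo
		;;
	restart)
		# "start" would create missing host keys anyway; do it before the
		# check so a first-time restart is not rejected for lacking keys.
		do_rsa1_keygen
		do_rsa_keygen
		do_dsa_keygen
		# Stop the running daemon only if the new configuration passes
		# "sshd -t". Otherwise a bad sshd_config would take the service
		# down and leave a remote host unreachable.
		do_restart_sanity_check
		if [ "$RETVAL" = "0" ]; then
			"$0" stop
			"$0" start
			RETVAL=$?
		fi
		;;
	condrestart)
		# Restart only when the subsystem lock says sshd was started.
		if [ -f /var/lock/subsys/sshd ]; then
			# Same gate as "restart": keep the old daemon running when
			# the configuration does not validate.
			do_restart_sanity_check
			if [ "$RETVAL" = "0" ]; then
				"$0" stop
				"$0" start
				RETVAL=$?
			fi
		fi
		;;
	status)
		status sshd
		RETVAL=$?
		;;
	*)
		echo "Usage: sshd {start|stop|restart|status|condrestart}"
		exit 1
		;;
esac

exit "$RETVAL"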