178344Sobrien#!/bin/sh 278344Sobrien# 398184Sgordon# $FreeBSD$ 478344Sobrien# 578344Sobrien 678344Sobrien# PROVIDE: sshd 7242153Sobrien# REQUIRE: LOGIN FILESYSTEMS 8180564Sdougb# KEYWORD: shutdown 978344Sobrien 1078344Sobrien. /etc/rc.subr 1178344Sobrien 1278344Sobrienname="sshd" 13231653Sdougbrcvar="sshd_enable" 14151586Syarcommand="/usr/sbin/${name}" 1598184Sgordonkeygen_cmd="sshd_keygen" 1698184Sgordonstart_precmd="sshd_precmd" 17263970Sdesreload_precmd="sshd_configtest" 18263970Sdesrestart_precmd="sshd_configtest" 19247461Sdesconfigtest_cmd="sshd_configtest" 2078344Sobrienpidfile="/var/run/${name}.pid" 21247461Sdesextra_commands="configtest keygen reload" 2278344Sobrien 23263970Sdes: ${sshd_rsa1_enable:="yes"} 24263970Sdes: ${sshd_rsa_enable:="yes"} 25263970Sdes: ${sshd_dsa_enable:="yes"} 26263970Sdes: ${sshd_ecdsa_enable:="yes"} 27263970Sdes: ${sshd_ed25519_enable:="yes"} 28133110Smarkm 29263970Sdessshd_keygen_alg() 30133110Smarkm{ 31263970Sdes local alg=$1 32263970Sdes local ALG="$(echo $alg | tr a-z A-Z)" 33263970Sdes local keyfile 34263970Sdes 35263970Sdes if ! checkyesno "sshd_${alg}_enable" ; then 36263970Sdes return 0 37133110Smarkm fi 38133110Smarkm 39263970Sdes case $alg in 40263970Sdes rsa1) 41263970Sdes keyfile="/etc/ssh/ssh_host_key" 42263970Sdes ;; 43263970Sdes rsa|dsa|ecdsa|ed25519) 44263970Sdes keyfile="/etc/ssh/ssh_host_${alg}_key" 45263970Sdes ;; 46263970Sdes *) 47263970Sdes return 1 48263970Sdes ;; 49263970Sdes esac 5098184Sgordon 51263970Sdes if [ ! -x /usr/bin/ssh-keygen ] ; then 52161530Sflz warn "/usr/bin/ssh-keygen does not exist." 5398184Sgordon return 1 5478344Sobrien fi 5578344Sobrien 56263970Sdes if [ -f "${keyfile}" ] ; then 57263970Sdes info "$ALG host key exists." 5878344Sobrien else 59263970Sdes echo "Generating $ALG host key." 60263970Sdes /usr/bin/ssh-keygen -q -t $alg -f "$keyfile" -N "" 61263970Sdes /usr/bin/ssh-keygen -l -f "$keyfile.pub" 6278344Sobrien fi 63263970Sdes} 6498184Sgordon 65263970Sdessshd_keygen() 66263970Sdes{ 67263970Sdes sshd_keygen_alg rsa1 68263970Sdes sshd_keygen_alg rsa 69263970Sdes sshd_keygen_alg dsa 70263970Sdes sshd_keygen_alg ecdsa 71263970Sdes sshd_keygen_alg ed25519 7278344Sobrien} 7378344Sobrien 74247461Sdessshd_configtest() 75247461Sdes{ 76247461Sdes echo "Performing sanity check on ${name} configuration." 77247461Sdes eval ${command} ${sshd_flags} -t 78247461Sdes} 79247461Sdes 8078344Sobriensshd_precmd() 8178344Sobrien{ 82263970Sdes run_rc_command keygen 83263970Sdes run_rc_command configtest 8478344Sobrien} 8578344Sobrien 86161530Sflzload_rc_config $name 8778344Sobrienrun_rc_command "$1" 88