sshd revision 157653
#!/bin/sh
#
# $NetBSD: sshd,v 1.18 2002/04/29 08:23:34 lukem Exp $
# $FreeBSD: head/etc/rc.d/sshd 157653 2006-04-11 08:55:27Z flz $
#

# PROVIDE: sshd
# REQUIRE: LOGIN cleanvar

# Pull in the rc.d framework.  set_rcvar, load_rc_config, run_rc_command and
# warn are not defined in this file and are presumably provided by it.
. /etc/rc.subr

# Service identity and the hooks handed to run_rc_command.
name="sshd"
rcvar="$(set_rcvar)"
command="/usr/sbin/${name}"
pidfile="/var/run/${name}.pid"
start_precmd="sshd_precmd"	# runs before start: makes sure host keys exist
keygen_cmd="sshd_keygen"	# handler for the extra "keygen" command
extra_commands="keygen reload"

# Seconds user_reseed waits for console input before giving up.  Assigned
# before load_rc_config, so the loaded configuration can presumably
# override it -- confirm against rc.subr.
timeout=300

load_rc_config "${name}"
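# user_reseed
#	Ask the console operator for keyboard input and write it, followed by
#	the output of `sysctl -a` and `date`, to /dev/random.  sshd_precmd
#	calls this immediately before host keys are generated.
# Globals:   timeout (read) - seconds to wait for the operator
# Outputs:   warning and banner on stdout; seed material to /dev/random
# Returns:   0 without doing anything when kern.random.sys.seeded cannot be
#            read; otherwise the status of the final write to /dev/random.
#
# NOTE(review): pressing <enter> straight away, or letting the read time
# out, leaves only sysctl/date output as seed material, which the banner
# itself describes as predictable.  Host keys created right afterwards
# depend on the result, so an unattended first boot deserves a second look.
user_reseed()
{
	# Subshell: seeded and junk never leak into the rc environment.
	(
	seeded="$(sysctl -n kern.random.sys.seeded 2>/dev/null)"
	# An empty answer means the sysctl could not be read; do nothing.
	if [ -n "${seeded}" ]; then
		warn "Setting entropy source to blocking mode."
		echo "===================================================="
		echo "Type a full screenful of random junk to unblock"
		echo "it and remember to finish with <enter>. This will"
		echo "timeout in ${timeout} seconds, but waiting for"
		echo "the timeout without typing junk may make the"
		echo "entropy source deliver predictable output."
		echo ""
		echo "Just hit <enter> for fast+insecure startup."
		echo "===================================================="
		sysctl kern.random.sys.seeded=0 2>/dev/null
		# -r keeps backslashes in the typed line instead of consuming them.
		read -r -t "${timeout}" junk
		# Stream the material instead of expanding it unquoted on an echo
		# command line: no word splitting, no pathname expansion of tokens
		# such as "*", and the typed line cannot be taken for echo options.
		{
			printf '%s\n' "${junk}"
			sysctl -a
			date
		} > /dev/random
	fi
	)
}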
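# sshd_keygen
#	Create whichever of the three SSH host keys is missing under
#	${etcdir}/ssh, each with an empty passphrase (-N '').  A key file that
#	already exists is reported and left untouched.
# Globals:   prefix, etcdir (read) - not assigned in this file; presumably
#            supplied by the loaded rc configuration or the environment
#            (confirm).
# Outputs:   progress messages on stdout; a warning when ssh-keygen is
#            missing.
# Returns:   1 when ${prefix}/bin/ssh-keygen is not executable; otherwise
#            the status of the last (protocol 2 RSA) step.  A failure of the
#            first two ssh-keygen runs is not reflected in the status.
#
# NOTE(review): the 1024-bit protocol-1 "rsa1" key and the DSA key are
# legacy types.  Recent OpenSSH releases have dropped protocol 1 (and rsa1
# keys with it) and no longer accept DSA host keys by default, so check this
# list against the installed ssh-keygen and the site's key policy.
sshd_keygen()
{
	# Subshell: the umask change and the helper variables stay local.
	(
	# Nothing created here is group/world writable.  The private keys'
	# tighter mode is left to ssh-keygen itself -- TODO confirm.
	umask 022

	keygen="${prefix}/bin/ssh-keygen"
	keydir="${etcdir}/ssh"

	# Can't do anything if ssh is not installed
	[ -x "${keygen}" ] || {
		warn "${keygen} does not exist."
		# exit, not return: this leaves the subshell, whose status
		# becomes the function's status.
		exit 1
	}

	if [ -f "${keydir}/ssh_host_key" ]; then
		echo "You already have an RSA host key" \
		    "in ${keydir}/ssh_host_key"
		echo "Skipping protocol version 1 RSA Key Generation"
	else
		"${keygen}" -t rsa1 -b 1024 \
		    -f "${keydir}/ssh_host_key" -N ''
	fi

	if [ -f "${keydir}/ssh_host_dsa_key" ]; then
		echo "You already have a DSA host key" \
		    "in ${keydir}/ssh_host_dsa_key"
		echo "Skipping protocol version 2 DSA Key Generation"
	else
		"${keygen}" -t dsa -f "${keydir}/ssh_host_dsa_key" -N ''
	fi

	if [ -f "${keydir}/ssh_host_rsa_key" ]; then
		echo "You already have a RSA host key" \
		    "in ${keydir}/ssh_host_rsa_key"
		echo "Skipping protocol version 2 RSA Key Generation"
	else
		"${keygen}" -t rsa -f "${keydir}/ssh_host_rsa_key" -N ''
	fi
	)
}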
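# sshd_precmd
#	Start hook (registered as start_precmd): when any of the three host
#	key files is missing, reseed the entropy source and then run the
#	"keygen" command.
# Globals:   etcdir (read) - not assigned in this file; confirm where it is
#            set.
# Returns:   0 when all three key files exist, otherwise the status of
#            `run_rc_command keygen`.
#
# NOTE(review): the protocol-1 key file is part of the condition.  If the
# installed ssh-keygen cannot create it, the file stays missing and the
# reseed prompt plus keygen would run again on every start.
sshd_precmd()
{
	# Separate quoted tests joined with || replace the single
	# "[ ... -o ... ]" expression, which is ambiguous and breaks on paths
	# that contain whitespace.
	if [ ! -f "${etcdir}/ssh/ssh_host_key" ] ||
	    [ ! -f "${etcdir}/ssh/ssh_host_dsa_key" ] ||
	    [ ! -f "${etcdir}/ssh/ssh_host_rsa_key" ]; then
		user_reseed
		run_rc_command keygen
	fi
}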
# Hand the action named on the command line (for example the extra
# "keygen" or "reload" commands declared above) to the rc.subr dispatcher.
run_rc_command "${1}"