Diffstat (limited to 'extra/openssh')
-rw-r--r-- | extra/openssh/sshd.confd | 26 | ||||
-rw-r--r-- | extra/openssh/sshd.initd | 162 |
2 files changed, 0 insertions, 188 deletions
diff --git a/extra/openssh/sshd.confd b/extra/openssh/sshd.confd
deleted file mode 100644
index 8c44444..0000000
--- a/extra/openssh/sshd.confd
+++ /dev/null
@@ -1,26 +0,0 @@
-# Configuration for /etc/init.d/sshd
-
-# Path of sshd_config file.
-#cfgfile="/etc/ssh/sshd_config"
-
-# Any random options you want to pass to sshd.
-# See the sshd(8) manpage for more info.
-#command_args=""
-
-# Space-separated list of SSH host key types to generate if they do
-# not already exist. An empty value means generate all of the default
-# set of dsa, ecdsa, ed25519, and rsa types.
-#
-# Example: "ed25519 rsa".
-#
-#key_types_to_generate=""
-
-# The number of bits to use for a generated ECDSA SSH host key.
-# Defaults to 256 bits if not set.
-#
-#ecdsa_bit_size="256"
-
-# Number of bits for use for a generated RSA SSH host key.
-# Defaults to 3072 bits if not set.
-#
-#rsa_bit_size="3072"
diff --git a/extra/openssh/sshd.initd b/extra/openssh/sshd.initd
deleted file mode 100644
index 477cdbc..0000000
--- a/extra/openssh/sshd.initd
+++ /dev/null
@@ -1,162 +0,0 @@
-#!/sbin/openrc-run
-
-description="OpenBSD Secure Shell server"
-description_checkconfig="Verify configuration file"
-description_reload="Reload configuration"
-
-extra_commands="checkconfig"
-extra_started_commands="reload"
-
-# NOTE: SSHD_* variables are deprecated and will be removed in future!
-: "${sshd_disable_keygen:="${SSHD_DISABLE_KEYGEN:-"no"}"}"
-: "${cfgfile:=${SSHD_CONFIG:-"${SSHD_CONFDIR:-"/etc/ssh"}/sshd_config"}}"
-
-pidfile="${SSHD_PIDFILE:-"/run/$RC_SVCNAME.pid"}"
-command="${SSHD_BINARY:-"/usr/sbin/sshd"}"
-command_args="${command_args:-${SSHD_OPTS:-}}"
-
-required_files="$cfgfile"
-
-generate_host_key_type() {
- local bit_size key_type
-
- key_type=$1
- if [ ! -f /etc/ssh/ssh_host_"${key_type}"_key ]; then
- case $key_type in
- ecdsa) bit_size="$ecdsa_bit_size";;
- rsa) bit_size="$rsa_bit_size";;
- esac
- einfo "Generating $key_type SSH host key..."
- ssh-keygen \
- -q \
- -f /etc/ssh/ssh_host_"$key_type"_key \
- -N '' \
- -t "$key_type" \
- ${bit_size:+ -b ${bit_size}} || return 1
- fi
-}
-
-generate_host_keys() {
- local type
-
- if [ -z "$key_types_to_generate" ] &&
- [ -z "$ecdsa_bit_size" ] && [ -z "$rsa_bit_size" ]; then
- ssh-keygen -A
- return
- fi
- for type in ${key_types_to_generate:-dsa ecdsa ed25519 rsa}; do
- generate_host_key_type "$type" || return 1
- done
-}
-
-get_conf() {
- awk "/^$1/{ print \$2 }" "$cfgfile" 2>/dev/null
-}
-
-conf_enabled() {
- [ "$(get_conf "$1")" = "yes" ]
-}
-
-depend() {
- use logger dns
- after entropy
-
- if [ "${rc_need+set}" = "set" ] ; then
- : # Do nothing, the user has explicitly set rc_need
- else
- local x warn_addr
- # shellcheck disable=SC2013
- for x in $(get_conf ListenAddress) ; do
- case "$x" in
- 0.0.0.0|0.0.0.0:*) ;;
- ::|\[::\]*) ;;
- *) warn_addr="$warn_addr $x" ;;
- esac
- done
- if [ -n "$warn_addr" ] ; then
- need net
- ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"
- ewarn "You must add rc_need=\"net.FOO\" to your /etc/conf.d/sshd"
- ewarn "where FOO is the interface(s) providing the following address(es):"
- ewarn "$warn_addr"
- fi
- fi
-}
-
-update_command() {
- if conf_enabled KerberosAuthentication || conf_enabled GSSAPIAuthentication && [ -r /usr/sbin/sshd.krb5 ]; then
- command="${SSHD_BINARY:-"/usr/sbin/sshd.krb5"}"
- elif conf_enabled UsePAM && [ -r /usr/sbin/sshd.pam ]; then
- command="${SSHD_BINARY:-"/usr/sbin/sshd.pam"}"
- fi
-}
-
-checkconfig() {
- update_command
- warn_deprecated_var SSHD_BINARY
- warn_deprecated_var SSHD_CONFDIR
- warn_deprecated_var SSHD_CONFIG cfgfile
- warn_deprecated_var SSHD_DISABLE_KEYGEN sshd_disable_keygen
- warn_deprecated_var SSHD_OPTS command_args
- warn_deprecated_var SSHD_PIDFILE
-
- if [ ! -d /var/empty ] ; then
- mkdir -p /var/empty || return 1
- fi
-
- if ! yesno "$sshd_disable_keygen"; then
- generate_host_keys || return 1
- fi
-
- [ "$pidfile" != "/run/sshd.pid" ] \
- && command_args="$command_args -o PidFile=$pidfile"
-
- [ "$cfgfile" != "/etc/ssh/sshd_config" ] \
- && command_args="$command_args -f $cfgfile"
-
- # shellcheck disable=SC2086
- "$command" -t $command_args || return 1
-}
-
-start_pre() {
- checkconfig
-}
-
-stop_pre() {
- update_command
- if [ "${RC_CMD}" = "restart" ] ; then
- checkconfig || return 1
- fi
-}
-
-stop_post() {
- if [ "$RC_RUNLEVEL" = "shutdown" ]; then
- _sshd_pids=$(pgrep "${command##*/}")
- if [ -n "$_sshd_pids" ]; then
- ebegin "Shutting down ssh connections"
- # shellcheck disable=SC2086
- kill -TERM $_sshd_pids >/dev/null 2>&1
- eend 0
- fi
- fi
-}
-
-reload() {
- checkconfig || return 1
-
- ebegin "Reloading $RC_SVCNAME"
- start-stop-daemon --signal HUP \
- --exec "$command" --pidfile "$pidfile"
- eend $?
-}
-
-warn_deprecated_var() {
- local varname="$1"
- local replacement="${2:-}"
-
- eval "test -n \"\$$varname\"" || return 0
-
- ewarn "Variable \$$varname is deprecated and will be removed in the future!"
- # shellcheck disable=SC2015
- [ "$replacement" ] && ewarn "Use \$$replacement instead of \$$varname." ||:
-} |