Lines 24-29
Link Here
|
24 |
: ${openssh_enable:="NO"} |
24 |
: ${openssh_enable:="NO"} |
25 |
: ${openssh_skipportscheck="NO"} |
25 |
: ${openssh_skipportscheck="NO"} |
26 |
|
26 |
|
|
|
27 |
: ${openssh_rsa1_keygen_enable="YES"} |
28 |
: ${openssh_rsa1_keygen_flags=""} |
29 |
: ${openssh_rsa_keygen_enable="YES"} |
30 |
: ${openssh_rsa_keygen_flags=""} |
31 |
: ${openssh_dsa_keygen_enable="YES"} |
32 |
: ${openssh_dsa_keygen_flags=""} |
33 |
: ${openssh_ecdsa_keygen_enable="YES"} |
34 |
: ${openssh_ecdsa_keygen_flags=""} |
35 |
: ${openssh_ed25519_keygen_enable="YES"} |
36 |
: ${openssh_ed25519_keygen_flags=""} |
37 |
|
27 |
command=%%PREFIX%%/sbin/sshd |
38 |
command=%%PREFIX%%/sbin/sshd |
28 |
extra_commands="configtest reload keygen" |
39 |
extra_commands="configtest reload keygen" |
29 |
start_precmd="${name}_checks" |
40 |
start_precmd="${name}_checks" |
Lines 35-45
Link Here
|
35 |
|
46 |
|
36 |
openssh_keygen() |
47 |
openssh_keygen() |
37 |
{ |
48 |
{ |
38 |
if [ -f %%ETCDIR%%/ssh_host_key -a \ |
49 |
local skip_rsa1= skip_dsa= skip_rsa= skip_ecdsa= skip_ed25519= |
39 |
-f %%ETCDIR%%/ssh_host_dsa_key -a \ |
50 |
checkyesno openssh_rsa1_keygen_enable || skip_rsa1=y |
40 |
-f %%ETCDIR%%/ssh_host_rsa_key -a \ |
51 |
checkyesno openssh_dsa_keygen_enable || skip_dsa=y |
41 |
-f %%ETCDIR%%/ssh_host_ecdsa_key -a \ |
52 |
checkyesno openssh_rsa_keygen_enable || skip_rsa=y |
42 |
-f %%ETCDIR%%/ssh_host_ed25519_key ]; then |
53 |
checkyesno openssh_ecdsa_keygen_enable || skip_ecdsa=y |
|
|
54 |
checkyesno openssh_ed25519_keygen_enable || skip_ed25519=y |
55 |
|
56 |
if [ \( -n "$skip_rsa1" -o -f %%ETCDIR%%/ssh_host_key \) -a \ |
57 |
\( -n "$skip_dsa" -o -f %%ETCDIR%%/ssh_host_dsa_key \) -a \ |
58 |
\( -n "$skip_rsa" -o -f %%ETCDIR%%/ssh_host_rsa_key \) -a \ |
59 |
\( -n "$skip_ecdsa" -o -f %%ETCDIR%%/ssh_host_ecdsa_key \) -a \ |
60 |
\( -n "$skip_ed25519" -o -f %%ETCDIR%%/ssh_host_ed25519_key \) ]; then |
43 |
return 0 |
61 |
return 0 |
44 |
fi |
62 |
fi |
45 |
|
63 |
|
Lines 53-60
Link Here
|
53 |
echo "You already have an RSA host key" \ |
71 |
echo "You already have an RSA host key" \ |
54 |
"in %%ETCDIR%%/ssh_host_key" |
72 |
"in %%ETCDIR%%/ssh_host_key" |
55 |
echo "Skipping protocol version 1 RSA Key Generation" |
73 |
echo "Skipping protocol version 1 RSA Key Generation" |
56 |
else |
74 |
elif checkyesno openssh_rsa1_keygen_enable; then |
57 |
%%PREFIX%%/bin/ssh-keygen -t rsa1 -b 1024 \ |
75 |
%%PREFIX%%/bin/ssh-keygen -t rsa1 $openssh_rsa1_keygen_flags \ |
58 |
-f %%ETCDIR%%/ssh_host_key -N '' |
76 |
-f %%ETCDIR%%/ssh_host_key -N '' |
59 |
fi |
77 |
fi |
60 |
|
78 |
|
Lines 62-69
Link Here
|
62 |
echo "You already have a DSA host key" \ |
80 |
echo "You already have a DSA host key" \ |
63 |
"in %%ETCDIR%%/ssh_host_dsa_key" |
81 |
"in %%ETCDIR%%/ssh_host_dsa_key" |
64 |
echo "Skipping protocol version 2 DSA Key Generation" |
82 |
echo "Skipping protocol version 2 DSA Key Generation" |
65 |
else |
83 |
elif checkyesno openssh_dsa_keygen_enable; then |
66 |
%%PREFIX%%/bin/ssh-keygen -t dsa \ |
84 |
%%PREFIX%%/bin/ssh-keygen -t dsa $openssh_dsa_keygen_flags \ |
67 |
-f %%ETCDIR%%/ssh_host_dsa_key -N '' |
85 |
-f %%ETCDIR%%/ssh_host_dsa_key -N '' |
68 |
fi |
86 |
fi |
69 |
|
87 |
|
Lines 71-78
Link Here
|
71 |
echo "You already have a RSA host key" \ |
89 |
echo "You already have a RSA host key" \ |
72 |
"in %%ETCDIR%%/ssh_host_rsa_key" |
90 |
"in %%ETCDIR%%/ssh_host_rsa_key" |
73 |
echo "Skipping protocol version 2 RSA Key Generation" |
91 |
echo "Skipping protocol version 2 RSA Key Generation" |
74 |
else |
92 |
elif checkyesno openssh_rsa_keygen_enable; then |
75 |
%%PREFIX%%/bin/ssh-keygen -t rsa \ |
93 |
%%PREFIX%%/bin/ssh-keygen -t rsa $openssh_rsa_keygen_flags \ |
76 |
-f %%ETCDIR%%/ssh_host_rsa_key -N '' |
94 |
-f %%ETCDIR%%/ssh_host_rsa_key -N '' |
77 |
fi |
95 |
fi |
78 |
|
96 |
|
Lines 80-87
Link Here
|
80 |
echo "You already have a Elliptic Curve DSA host key" \ |
98 |
echo "You already have a Elliptic Curve DSA host key" \ |
81 |
"in %%ETCDIR%%/ssh_host_ecdsa_key" |
99 |
"in %%ETCDIR%%/ssh_host_ecdsa_key" |
82 |
echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation" |
100 |
echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation" |
83 |
else |
101 |
elif checkyesno openssh_ecdsa_keygen_enable; then |
84 |
%%PREFIX%%/bin/ssh-keygen -t ecdsa \ |
102 |
%%PREFIX%%/bin/ssh-keygen -t ecdsa $openssh_ecdsa_keygen_flags \ |
85 |
-f %%ETCDIR%%/ssh_host_ecdsa_key -N '' |
103 |
-f %%ETCDIR%%/ssh_host_ecdsa_key -N '' |
86 |
fi |
104 |
fi |
87 |
|
105 |
|
Lines 89-96
Link Here
|
89 |
echo "You already have a Elliptic Curve ED25519 host key" \ |
107 |
echo "You already have a Elliptic Curve ED25519 host key" \ |
90 |
"in %%ETCDIR%%/ssh_host_ed25519_key" |
108 |
"in %%ETCDIR%%/ssh_host_ed25519_key" |
91 |
echo "Skipping protocol version 2 Elliptic Curve ED25519 Key Generation" |
109 |
echo "Skipping protocol version 2 Elliptic Curve ED25519 Key Generation" |
92 |
else |
110 |
elif checkyesno openssh_ed25519_keygen_enable; then |
93 |
%%PREFIX%%/bin/ssh-keygen -t ed25519 \ |
111 |
%%PREFIX%%/bin/ssh-keygen -t ed25519 $openssh_ed22519_keygen_flags \ |
94 |
-f %%ETCDIR%%/ssh_host_ed25519_key -N '' |
112 |
-f %%ETCDIR%%/ssh_host_ed25519_key -N '' |
95 |
fi |
113 |
fi |
96 |
} |
114 |
} |