Lines 24-29
|
24 |
: ${openssh_enable:="NO"} |
24 |
: ${openssh_enable:="NO"} |
25 |
: ${openssh_skipportscheck="NO"} |
25 |
: ${openssh_skipportscheck="NO"} |
26 |
|
26 |
|
|
|
27 |
: ${openssh_dsa_keygen_enable="YES"} |
28 |
: ${openssh_dsa_keygen_flags=""} |
29 |
: ${openssh_rsa_keygen_enable="YES"} |
30 |
: ${openssh_rsa_keygen_flags=""} |
31 |
: ${openssh_ecdsa_keygen_enable="YES"} |
32 |
: ${openssh_ecdsa_keygen_flags=""} |
33 |
: ${openssh_ed25519_keygen_enable="YES"} |
34 |
: ${openssh_ed25519_keygen_flags=""} |
35 |
|
27 |
command=%%PREFIX%%/sbin/sshd |
36 |
command=%%PREFIX%%/sbin/sshd |
28 |
extra_commands="configtest reload keygen" |
37 |
extra_commands="configtest reload keygen" |
29 |
start_precmd="${name}_checks" |
38 |
start_precmd="${name}_checks" |
Lines 35-45
|
35 |
|
44 |
|
36 |
openssh_keygen() |
45 |
openssh_keygen() |
37 |
{ |
46 |
{ |
38 |
if [ -f %%ETCDIR%%/ssh_host_key -a \ |
47 |
local skip_dsa= skip_rsa= skip_ecdsa= skip_ed25519= |
39 |
-f %%ETCDIR%%/ssh_host_dsa_key -a \ |
48 |
checkyesno openssh_dsa_keygen_enable || skip_dsa=y |
40 |
-f %%ETCDIR%%/ssh_host_rsa_key -a \ |
49 |
checkyesno openssh_rsa_keygen_enable || skip_rsa=y |
41 |
-f %%ETCDIR%%/ssh_host_ecdsa_key -a \ |
50 |
checkyesno openssh_ecdsa_keygen_enable || skip_ecdsa=y |
42 |
-f %%ETCDIR%%/ssh_host_ed25519_key ]; then |
51 |
checkyesno openssh_ed25519_keygen_enable || skip_ed25519=y |
|
|
52 |
|
53 |
if [ \( -n "$skip_dsa" -o -f %%ETCDIR%%/ssh_host_dsa_key \) -a \ |
54 |
\( -n "$skip_rsa" -o -f %%ETCDIR%%/ssh_host_rsa_key \) -a \ |
55 |
\( -n "$skip_ecdsa" -o -f %%ETCDIR%%/ssh_host_ecdsa_key \) -a \ |
56 |
\( -n "$skip_ed25519" -o -f %%ETCDIR%%/ssh_host_ed25519_key \) ]; then |
43 |
return 0 |
57 |
return 0 |
44 |
fi |
58 |
fi |
45 |
|
59 |
|
Lines 49-69
|
49 |
[ -x %%PREFIX%%/bin/ssh-keygen ] || |
63 |
[ -x %%PREFIX%%/bin/ssh-keygen ] || |
50 |
err 1 "%%PREFIX%%/bin/ssh-keygen does not exist." |
64 |
err 1 "%%PREFIX%%/bin/ssh-keygen does not exist." |
51 |
|
65 |
|
52 |
if [ -f %%ETCDIR%%/ssh_host_key ]; then |
|
|
53 |
echo "You already have an RSA host key" \ |
54 |
"in %%ETCDIR%%/ssh_host_key" |
55 |
echo "Skipping protocol version 1 RSA Key Generation" |
56 |
else |
57 |
%%PREFIX%%/bin/ssh-keygen -t rsa1 -b 1024 \ |
58 |
-f %%ETCDIR%%/ssh_host_key -N '' |
59 |
fi |
60 |
|
61 |
if [ -f %%ETCDIR%%/ssh_host_dsa_key ]; then |
66 |
if [ -f %%ETCDIR%%/ssh_host_dsa_key ]; then |
62 |
echo "You already have a DSA host key" \ |
67 |
echo "You already have a DSA host key" \ |
63 |
"in %%ETCDIR%%/ssh_host_dsa_key" |
68 |
"in %%ETCDIR%%/ssh_host_dsa_key" |
64 |
echo "Skipping protocol version 2 DSA Key Generation" |
69 |
echo "Skipping protocol version 2 DSA Key Generation" |
65 |
else |
70 |
elif checkyesno openssh_dsa_keygen_enable; then |
66 |
%%PREFIX%%/bin/ssh-keygen -t dsa \ |
71 |
%%PREFIX%%/bin/ssh-keygen -t dsa $openssh_dsa_keygen_flags \ |
67 |
-f %%ETCDIR%%/ssh_host_dsa_key -N '' |
72 |
-f %%ETCDIR%%/ssh_host_dsa_key -N '' |
68 |
fi |
73 |
fi |
69 |
|
74 |
|
Lines 71-78
|
71 |
echo "You already have a RSA host key" \ |
76 |
echo "You already have a RSA host key" \ |
72 |
"in %%ETCDIR%%/ssh_host_rsa_key" |
77 |
"in %%ETCDIR%%/ssh_host_rsa_key" |
73 |
echo "Skipping protocol version 2 RSA Key Generation" |
78 |
echo "Skipping protocol version 2 RSA Key Generation" |
74 |
else |
79 |
elif checkyesno openssh_rsa_keygen_enable; then |
75 |
%%PREFIX%%/bin/ssh-keygen -t rsa \ |
80 |
%%PREFIX%%/bin/ssh-keygen -t rsa $openssh_rsa_keygen_flags \ |
76 |
-f %%ETCDIR%%/ssh_host_rsa_key -N '' |
81 |
-f %%ETCDIR%%/ssh_host_rsa_key -N '' |
77 |
fi |
82 |
fi |
78 |
|
83 |
|
Lines 80-87
|
80 |
echo "You already have a Elliptic Curve DSA host key" \ |
85 |
echo "You already have a Elliptic Curve DSA host key" \ |
81 |
"in %%ETCDIR%%/ssh_host_ecdsa_key" |
86 |
"in %%ETCDIR%%/ssh_host_ecdsa_key" |
82 |
echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation" |
87 |
echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation" |
83 |
else |
88 |
elif checkyesno openssh_ecdsa_keygen_enable; then |
84 |
%%PREFIX%%/bin/ssh-keygen -t ecdsa \ |
89 |
%%PREFIX%%/bin/ssh-keygen -t ecdsa $openssh_ecdsa_keygen_flags \ |
85 |
-f %%ETCDIR%%/ssh_host_ecdsa_key -N '' |
90 |
-f %%ETCDIR%%/ssh_host_ecdsa_key -N '' |
86 |
fi |
91 |
fi |
87 |
|
92 |
|
Lines 89-96
|
89 |
echo "You already have a Elliptic Curve ED25519 host key" \ |
94 |
echo "You already have a Elliptic Curve ED25519 host key" \ |
90 |
"in %%ETCDIR%%/ssh_host_ed25519_key" |
95 |
"in %%ETCDIR%%/ssh_host_ed25519_key" |
91 |
echo "Skipping protocol version 2 Elliptic Curve ED25519 Key Generation" |
96 |
echo "Skipping protocol version 2 Elliptic Curve ED25519 Key Generation" |
92 |
else |
97 |
elif checkyesno openssh_ed25519_keygen_enable; then |
93 |
%%PREFIX%%/bin/ssh-keygen -t ed25519 \ |
98 |
%%PREFIX%%/bin/ssh-keygen -t ed25519 $openssh_ed22519_keygen_flags \ |
94 |
-f %%ETCDIR%%/ssh_host_ed25519_key -N '' |
99 |
-f %%ETCDIR%%/ssh_host_ed25519_key -N '' |
95 |
fi |
100 |
fi |
96 |
} |
101 |
} |
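Review bot: The ed25519 branch at new line 98 expands `$openssh_ed22519_keygen_flags`, but the default declared at new line 34 is `openssh_ed25519_keygen_flags`, so flags an administrator sets for that key type never reach ssh-keygen and the host key is generated with built-in defaults without any error. The line should read `%%PREFIX%%/bin/ssh-keygen -t ed25519 $openssh_ed25519_keygen_flags \`. Separately, `openssh_dsa_keygen_enable` defaults to "YES" at new line 27 while the same change drops rsa1 generation; DSA host keys are fixed at 1024 bits, so a default of "NO" may be the safer choice if the packaged sshd no longer offers ssh-dss, which is worth confirming against the port's version. The opening `if [ -f ... ]` tests of the RSA, ECDSA and ED25519 branches fall between the hunks shown, so these points rest on the visible lines only.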