178344Sobrien#!/bin/sh 278344Sobrien# 398184Sgordon# $FreeBSD$ 478344Sobrien# 578344Sobrien 678344Sobrien# PROVIDE: sshd 7240336Sobrien# REQUIRE: LOGIN FILESYSTEMS 8180564Sdougb# KEYWORD: shutdown 978344Sobrien 1078344Sobrien. /etc/rc.subr 1178344Sobrien 1278344Sobrienname="sshd" 13230099Sdougbrcvar="sshd_enable" 14151586Syarcommand="/usr/sbin/${name}" 1598184Sgordonkeygen_cmd="sshd_keygen" 1698184Sgordonstart_precmd="sshd_precmd" 17255766Sdesreload_precmd="sshd_configtest" 18255766Sdesrestart_precmd="sshd_configtest" 19240109Sdesconfigtest_cmd="sshd_configtest" 2078344Sobrienpidfile="/var/run/${name}.pid" 21240109Sdesextra_commands="configtest keygen reload" 2278344Sobrien 23255766Sdes: ${sshd_rsa1_enable:="yes"} 24255766Sdes: ${sshd_rsa_enable:="yes"} 25255766Sdes: ${sshd_dsa_enable:="yes"} 26255766Sdes: ${sshd_ecdsa_enable:="yes"} 27262566Sdes: ${sshd_ed25519_enable:="yes"} 28133110Smarkm 29255766Sdessshd_keygen_alg() 30133110Smarkm{ 31255766Sdes local alg=$1 32255766Sdes local ALG="$(echo $alg | tr a-z A-Z)" 33255766Sdes local keyfile 34255766Sdes 35255766Sdes if ! checkyesno "sshd_${alg}_enable" ; then 36255766Sdes return 0 37133110Smarkm fi 38133110Smarkm 39255766Sdes case $alg in 40255766Sdes rsa1) 41255766Sdes keyfile="/etc/ssh/ssh_host_key" 42255766Sdes ;; 43262566Sdes rsa|dsa|ecdsa|ed25519) 44255766Sdes keyfile="/etc/ssh/ssh_host_${alg}_key" 45255766Sdes ;; 46255766Sdes *) 47255766Sdes return 1 48255766Sdes ;; 49255766Sdes esac 5098184Sgordon 51255766Sdes if [ ! -x /usr/bin/ssh-keygen ] ; then 52161530Sflz warn "/usr/bin/ssh-keygen does not exist." 5398184Sgordon return 1 5478344Sobrien fi 5578344Sobrien 56255766Sdes if [ -f "${keyfile}" ] ; then 57256126Sdelphij info "$ALG host key exists." 5878344Sobrien else 59255766Sdes echo "Generating $ALG host key." 60255766Sdes /usr/bin/ssh-keygen -q -t $alg -f "$keyfile" -N "" 61255766Sdes /usr/bin/ssh-keygen -l -f "$keyfile.pub" 6278344Sobrien fi 63255766Sdes} 6498184Sgordon 65255766Sdessshd_keygen() 66255766Sdes{ 67255766Sdes sshd_keygen_alg rsa1 68255766Sdes sshd_keygen_alg rsa 69255766Sdes sshd_keygen_alg dsa 70255766Sdes sshd_keygen_alg ecdsa 71262566Sdes sshd_keygen_alg ed25519 7278344Sobrien} 7378344Sobrien 74240109Sdessshd_configtest() 75240109Sdes{ 76240109Sdes echo "Performing sanity check on ${name} configuration." 77240109Sdes eval ${command} ${sshd_flags} -t 78240109Sdes} 79240109Sdes 8078344Sobriensshd_precmd() 8178344Sobrien{ 82255766Sdes run_rc_command keygen 83255766Sdes run_rc_command configtest 8478344Sobrien} 8578344Sobrien 86161530Sflzload_rc_config $name 8778344Sobrienrun_rc_command "$1" 88