#!/bin/sh # # $NetBSD: sshd,v 1.23.8.3 2018/06/07 16:11:49 martin Exp $ # # PROVIDE: sshd # REQUIRE: LOGIN $_rc_subr_loaded . /etc/rc.subr name="sshd" rcvar=$name command="/usr/sbin/${name}" pidfile="/var/run/${name}.pid" required_files="/etc/ssh/sshd_config" extra_commands="keygen reload" sshd_keygen() { ( keygen="/usr/bin/ssh-keygen" umask 022 while read type bits filename version name; do f="/etc/ssh/$filename" if [ -f "$f" ]; then echo "You already have an $name host key in $f" echo "Skipping protocol version $version $name" \ "Key Generation" else case "${bits}" in -1) bitarg=;; 0) bitarg="${ssh_keygen_flags}";; *) bitarg="-b ${bits}";; esac "${keygen}" -t "${type}" ${bitarg} -f "${f}" -N '' -q && \ printf "ssh-keygen: " && "${keygen}" -f "${f}" -l fi done << _EOF dsa 1024 ssh_host_dsa_key 2 DSA ecdsa 521 ssh_host_ecdsa_key 1 ECDSA ed25519 -1 ssh_host_ed25519_key 1 ED25519 rsa 0 ssh_host_rsa_key 2 RSA _EOF ) } sshd_precmd() { if ! [ -f /etc/ssh/ssh_host_dsa_key ] || ! [ -f /etc/ssh/ssh_host_ecdsa_key ] || ! [ -f /etc/ssh/ssh_host_ed25519_key ] || ! [ -f /etc/ssh/ssh_host_rsa_key ]; then run_rc_command keygen fi } keygen_cmd=sshd_keygen start_precmd=sshd_precmd load_rc_config $name run_rc_command "$1"