authorDoug Barton <dougb@FreeBSD.org>2012-06-24 22:49:52 +0000
committerDoug Barton <dougb@FreeBSD.org>2012-06-24 22:49:52 +0000
commit399881097f5daeaca5d9f137a077a93e2f9bd14b (patch)
treeb36657e43c0a237afc823d6964b7fa206eda22df /security/openssh-portable
parent44fa80481074cd35888ebc22004934733aaa2124 (diff)
Notes
Diffstat (limited to 'security/openssh-portable')
-rw-r--r--security/openssh-portable/files/openssh.in111
1 files changed, 53 insertions, 58 deletions
diff --git a/security/openssh-portable/files/openssh.in b/security/openssh-portable/files/openssh.in
index 0c3839dbeb20..4d2c77333093 100644
--- a/security/openssh-portable/files/openssh.in
+++ b/security/openssh-portable/files/openssh.in
@@ -1,9 +1,10 @@
#!/bin/sh
-#
+
# $FreeBSD$
#
# PROVIDE: openssh
# REQUIRE: DAEMON
+# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf to enable openssh:
#
@@ -12,8 +13,6 @@
# openssh_flags (flags): Set extra flags to openssh.
# Default is "". see sshd(1).
# openssh_pidfile (file): Set full path to pid file.
-# Default is "/var/run/sshd.pid".
-#
. /etc/rc.subr
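Review bot: The header comment for `openssh_pidfile` no longer states its default, although a default is still applied later in the script by `pidfile=${openssh_pidfile:="/var/run/sshd.pid"}`. An administrator reading only the header can no longer tell where the pid file lands when the knob is unset. Keep the line `# Default is "/var/run/sshd.pid".` under the `openssh_pidfile` entry.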
@@ -22,8 +21,7 @@ rcvar=openssh_enable
load_rc_config ${name}
-: ${openssh_enable="NO"}
-: ${openssh_pidfile="/var/run/sshd.pid"}
+: ${openssh_enable:="NO"}
: ${openssh_skipportscheck="NO"}
command=%%PREFIX%%/sbin/sshd
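Review bot: `openssh_skipportscheck` still uses the `=` form while `openssh_enable` on the line above now uses `:=`, so an rc.conf entry set to the empty string is defaulted for one knob and left empty for the other. Since this knob gates the port-collision check in openssh_checks, it should be defaulted the same way: `: ${openssh_skipportscheck:="NO"}`.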
@@ -31,57 +29,57 @@ extra_commands="reload keygen"
start_precmd="${name}_checks"
restart_precmd="${name}_checks"
keygen_cmd="${name}_keygen"
-pidfile=${openssh_pidfile}
+pidfile=${openssh_pidfile:="/var/run/sshd.pid"}
openssh_keygen()
{
- if [ ! -f %%ETCSSH%%/ssh_host_key -o \
- ! -f %%ETCSSH%%/ssh_host_dsa_key -o \
- ! -f %%ETCSSH%%/ssh_host_rsa_key -o \
- ! -f %%ETCSSH%%/ssh_host_ecdsa_key ]; then
-
- umask 022
-
- # Can't do anything if ssh is not installed
- [ -x %%PREFIX%%/bin/ssh-keygen ] || {
- err 1 "%%PREFIX%%/bin/ssh-keygen does not exist."
- }
-
- if [ -f %%ETCSSH%%/ssh_host_key ]; then
- echo "You already have an RSA host key" \
- "in %%ETCSSH%%/ssh_host_key"
- echo "Skipping protocol version 1 RSA Key Generation"
- else
- %%PREFIX%%/bin/ssh-keygen -t rsa1 -b 1024 \
- -f %%ETCSSH%%/ssh_host_key -N ''
- fi
-
- if [ -f %%ETCSSH%%/ssh_host_dsa_key ]; then
- echo "You already have a DSA host key" \
- "in %%ETCSSH%%/ssh_host_dsa_key"
- echo "Skipping protocol version 2 DSA Key Generation"
- else
- %%PREFIX%%/bin/ssh-keygen -t dsa \
- -f %%ETCSSH%%/ssh_host_dsa_key -N ''
- fi
-
- if [ -f %%ETCSSH%%/ssh_host_rsa_key ]; then
- echo "You already have a RSA host key" \
- "in %%ETCSSH%%/ssh_host_rsa_key"
- echo "Skipping protocol version 2 RSA Key Generation"
- else
- %%PREFIX%%/bin/ssh-keygen -t rsa \
- -f %%ETCSSH%%/ssh_host_rsa_key -N ''
- fi
-
- if [ -f %%ETCSSH%%/ssh_host_ecdsa_key ]; then
- echo "You already have a Elliptic Curve DSA host key" \
- "in %%ETCSSH%%/ssh_host_ecdsa_key"
- echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation"
- else
- %%PREFIX%%/bin/ssh-keygen -t ecdsa \
- -f %%ETCSSH%%/ssh_host_ecdsa_key -N ''
- fi
+ if [ -f %%ETCSSH%%/ssh_host_key -a \
+ -f %%ETCSSH%%/ssh_host_dsa_key -a \
+ -f %%ETCSSH%%/ssh_host_rsa_key -a \
+ -f %%ETCSSH%%/ssh_host_ecdsa_key ]; then
+ return 0
+ fi
+
+ umask 022
+
+ # Can't do anything if ssh is not installed
+ [ -x %%PREFIX%%/bin/ssh-keygen ] ||
+ err 1 "%%PREFIX%%/bin/ssh-keygen does not exist."
+
+ if [ -f %%ETCSSH%%/ssh_host_key ]; then
+ echo "You already have an RSA host key" \
+ "in %%ETCSSH%%/ssh_host_key"
+ echo "Skipping protocol version 1 RSA Key Generation"
+ else
+ %%PREFIX%%/bin/ssh-keygen -t rsa1 -b 1024 \
+ -f %%ETCSSH%%/ssh_host_key -N ''
+ fi
+
+ if [ -f %%ETCSSH%%/ssh_host_dsa_key ]; then
+ echo "You already have a DSA host key" \
+ "in %%ETCSSH%%/ssh_host_dsa_key"
+ echo "Skipping protocol version 2 DSA Key Generation"
+ else
+ %%PREFIX%%/bin/ssh-keygen -t dsa \
+ -f %%ETCSSH%%/ssh_host_dsa_key -N ''
+ fi
+
+ if [ -f %%ETCSSH%%/ssh_host_rsa_key ]; then
+ echo "You already have a RSA host key" \
+ "in %%ETCSSH%%/ssh_host_rsa_key"
+ echo "Skipping protocol version 2 RSA Key Generation"
+ else
+ %%PREFIX%%/bin/ssh-keygen -t rsa \
+ -f %%ETCSSH%%/ssh_host_rsa_key -N ''
+ fi
+
+ if [ -f %%ETCSSH%%/ssh_host_ecdsa_key ]; then
+ echo "You already have a Elliptic Curve DSA host key" \
+ "in %%ETCSSH%%/ssh_host_ecdsa_key"
+ echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation"
+ else
+ %%PREFIX%%/bin/ssh-keygen -t ecdsa \
+ -f %%ETCSSH%%/ssh_host_ecdsa_key -N ''
fi
}
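Review bot: The new early return in openssh_keygen only fires when all four files exist, including `%%ETCSSH%%/ssh_host_key`, so a host whose administrator deliberately removed the protocol 1 key gets a 1024-bit `rsa1` key recreated on every keygen run. Consider dropping `-f %%ETCSSH%%/ssh_host_key -a \` from the guard and making the `-t rsa1 -b 1024` block opt-in rather than unconditional. The guard also uses `-f`, which accepts a zero-length file left by an interrupted run; `-s` would treat that as missing. Only the last `ssh-keygen` call decides the function's exit status, so a failure while generating the earlier keys goes unreported; the whole function is inside this hunk.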
@@ -134,9 +132,7 @@ openssh_check_same_ports(){
base_sshd_port=22
fi
- if [ "${self_port}" -eq "${base_sshd_port}" ]; then
- return 0
- else
+ if [ "${self_port}" -ne "${base_sshd_port}" ]; then
return 1
fi
}
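Review bot: With the explicit `return 0` branch removed, openssh_check_same_ports reports "same port" whenever the `-ne` test is not true, which includes `[` failing because `${self_port}` or `${base_sshd_port}` is empty or non-numeric. The old `-eq`/`else` form returned 1 in that case, so the failure mode changes from silently skipping the check to refusing to start with a message about a port clash. If failing closed is intended, document it and end the function with an explicit `return 0`; otherwise validate both values as numeric before the comparison. The part of the function that derives the two ports is outside this hunk.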
@@ -145,8 +141,7 @@ openssh_checks()
{
if checkyesno sshd_enable ; then
if openssh_check_same_ports && ! checkyesno openssh_skipportscheck; then
- err 1 "sshd_enable is set and $name and sshd are use \
-same port"
+ err 1 "sshd_enable is set, but $name and /usr/sbin/sshd use the same port"
fi
fi