#!/bin/sh # Start/stop/restart the secure shell server: # Source options if [ -r /etc/default/sshd ]; then . /etc/default/sshd fi sshd_start() { # Create host keys if needed. if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' fi if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' fi if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' fi if [ ! -f /etc/ssh/ssh_host_ed25519_key ]; then /usr/bin/ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N '' fi # Catch any new host key types not yet created above: /usr/bin/ssh-keygen -A # Start the sshd daemon: /usr/sbin/sshd $SSHD_OPTS } sshd_stop() { killall --ns $$ sshd-session 2> /dev/null killall --ns $$ sshd } sshd_restart() { if [ -r /var/run/sshd.pid ]; then echo "WARNING: killing listener process only. To kill every sshd process, you must" echo " use 'rc.sshd stop'. 'rc.sshd restart' kills only the parent sshd to" echo " allow an admin logged in through sshd to use 'rc.sshd restart' without" echo " being cut off. If sshd has been upgraded, new connections will now" echo " use the new version, which should be a safe enough approach." kill $(cat /var/run/sshd.pid) else echo "WARNING: There does not appear to be a parent instance of sshd running." echo " If you really want to kill all running instances of sshd (including" echo " any sessions currently in use), run '/etc/rc.d/rc.sshd stop' instead." exit 1 fi sleep 1 sshd_start } case "$1" in 'start') sshd_start ;; 'stop') sshd_stop ;; 'restart') sshd_restart ;; *) echo "usage $0 start|stop|restart" esac