#!/bin/sh ############################################################################### # # # IPFire.org - A linux based firewall # # Copyright (C) 2007-2024 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation, either version 3 of the License, or # # (at your option) any later version. # # # # This program is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # # along with this program. If not, see . # # # ############################################################################### . /etc/sysconfig/rc . $rc_functions case "$1" in start) for algo in ecdsa ed25519; do keyfile="/etc/ssh/ssh_host_${algo}_key" # If the key already exists, there is nothing to do. [ -e "${keyfile}" ] && continue boot_mesg "Generating SSH key (${algo})..." ssh-keygen -qf "${keyfile}" -N '' -b 521 -t ${algo} evaluate_retval done [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled boot_mesg "Starting SSH Server..." loadproc -f /usr/sbin/sshd # Also prevent ssh from being killed by out of memory conditions ( sleep 3 pid=$(cat /var/run/sshd.pid 2>/dev/null) [ -n "${pid}" ] && echo "-16" > "/proc/${pid}/oom_score_adj" ) & ;; stop) boot_mesg "Stopping SSH Server..." killproc -p "/var/run/sshd.pid" /usr/sbin/sshd || true ;; reload) boot_mesg "Reloading SSH Server..." reloadproc /usr/sbin/sshd ;; restart) $0 stop sleep 1 $0 start ;; status) statusproc /usr/sbin/sshd ;; *) echo "Usage: $0 {start|stop|reload|restart|status}" exit 1 ;; esac