[openssh] Systemd compatibility according to Mathieu Bridon <bochecha at fedoraproject.org> Split out the host ke

Tue Jun 28 10:02:00 UTC 2011

commit 273d6372270cc4511c135c32477b93eb0bbc03dc
Author: Jan F <jfch at zwingli.jagda.eu>
Date:   Tue Jun 28 12:01:11 2011 +0200

    Systemd compatibility according to Mathieu Bridon <bochecha at fedoraproject.org>
    Split out the host keygen into their own command, to ease future migration
    to systemd. Compatitbility with the init script was kept.
    Migrate the package to full native systemd unit files, according to the Fedora
    packaging guidelines.
    Prepate the unit files for running an ondemand server. (do not add it actually)

 sshd-keygen   |   90 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 sshd at .service |    7 ++++
 2 files changed, 97 insertions(+), 0 deletions(-)
---

diff --git a/sshd-keygen b/sshd-keygen
new file mode 100644
index 0000000..2a85f0f
--- /dev/null
+++ b/sshd-keygen
@@ -0,0 +1,90 @@
+#!/bin/bash
+
+# Create the host keys for the OpenSSH server.
+#
+# The creation is controlled by the $AUTOCREATE_SERVER_KEYS environment
+# variable.
+
+# source function library
+. /etc/rc.d/init.d/functions
+
+# pull in sysconfig settings
+[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
+
+# Some functions to make the below more readable
+KEYGEN=/usr/bin/ssh-keygen
+RSA1_KEY=/etc/ssh/ssh_host_key
+RSA_KEY=/etc/ssh/ssh_host_rsa_key
+DSA_KEY=/etc/ssh/ssh_host_dsa_key
+
+do_rsa1_keygen() {
+	if [ ! -s $RSA1_KEY ]; then
+		echo -n $"Generating SSH1 RSA host key: "
+		rm -f $RSA1_KEY
+		if test ! -f $RSA1_KEY && $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
+			chgrp ssh_keys $RSA1_KEY
+			chmod 640 $RSA1_KEY
+			chmod 644 $RSA1_KEY.pub
+			if [ -x /sbin/restorecon ]; then
+			    /sbin/restorecon $RSA1_KEY.pub
+			fi
+			success $"RSA1 key generation"
+			echo
+		else
+			failure $"RSA1 key generation"
+			echo
+			exit 1
+		fi
+	fi
+}
+
+do_rsa_keygen() {
+	if [ ! -s $RSA_KEY ]; then
+		echo -n $"Generating SSH2 RSA host key: "
+		rm -f $RSA_KEY
+		if test ! -f $RSA_KEY && $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
+			chgrp ssh_keys $RSA_KEY
+			chmod 640 $RSA_KEY
+			chmod 644 $RSA_KEY.pub
+			if [ -x /sbin/restorecon ]; then
+			    /sbin/restorecon $RSA_KEY.pub
+			fi
+			success $"RSA key generation"
+			echo
+		else
+			failure $"RSA key generation"
+			echo
+			exit 1
+		fi
+	fi
+}
+
+do_dsa_keygen() {
+	if [ ! -s $DSA_KEY ]; then
+		echo -n $"Generating SSH2 DSA host key: "
+		rm -f $DSA_KEY
+		if test ! -f $DSA_KEY && $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
+			chgrp ssh_keys $DSA_KEY
+			chmod 640 $DSA_KEY
+			chmod 644 $DSA_KEY.pub
+			if [ -x /sbin/restorecon ]; then
+			    /sbin/restorecon $DSA_KEY.pub
+			fi
+			success $"DSA key generation"
+			echo
+		else
+			failure $"DSA key generation"
+			echo
+			exit 1
+		fi
+	fi
+}
+
+# Create keys if necessary
+if [ "x${AUTOCREATE_SERVER_KEYS}" != xNO ]; then
+	do_rsa_keygen
+	if [ "x${AUTOCREATE_SERVER_KEYS}" != xRSAONLY ]; then
+		do_rsa1_keygen
+		do_dsa_keygen
+	fi
+fi
diff --git a/sshd at .service b/sshd at .service
new file mode 100644
index 0000000..7e0002f
--- /dev/null
+++ b/sshd at .service
@@ -0,0 +1,7 @@
+[Unit]
+Description=OpenSSH per-connection server daemon.
+After=syslog.target
+
+[Service]
+ExecStart=-/usr/sbin/sshd -i
+StandardInput=socket
