author | Diego Elio Pettenò <flameeyes@gentoo.org> | 2010-10-11 22:50:07 +0000 |
---|---|---|
committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2010-10-11 22:50:07 +0000 |
commit | 62f7a3c95fe6df4f69e0f00cca5799eb723cc439 (patch) | |
tree | 4f5e89a8a520ce239c33ade1957fb87e81386db2 /net-misc/openssh | |
parent | arm stable, bug #338654 (diff) | |
Update init script to not regenerate the RSA1 host key (for SSH Protocol 1) unless Protocol 1 is enabled. Modern OpenSSH versions disable Protocol 1 in the daemon by default.
(Portage version: 2.2_rc92/cvs/Linux x86_64)
Diffstat (limited to 'net-misc/openssh')
-rw-r--r-- | net-misc/openssh/ChangeLog | 8 | ||||
-rw-r--r-- | net-misc/openssh/files/sshd.rc6.1 | 82 | ||||
-rw-r--r-- | net-misc/openssh/openssh-5.6_p1-r2.ebuild | 4 |
3 files changed, 91 insertions, 3 deletions
diff --git a/net-misc/openssh/ChangeLog b/net-misc/openssh/ChangeLog index c5befd16d099..4c7c7ddc6df1 100644 --- a/net-misc/openssh/ChangeLog +++ b/net-misc/openssh/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-misc/openssh # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/ChangeLog,v 1.392 2010/09/30 02:48:44 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/ChangeLog,v 1.393 2010/10/11 22:50:07 flameeyes Exp $ + + 11 Oct 2010; Diego E. Pettenò <flameeyes@gentoo.org> + openssh-5.6_p1-r2.ebuild, +files/sshd.rc6.1: + Update init script to not regenerate the RSA1 host key (for SSH Protocol + 1) unless Protocol 1 is enabled. Modern OpenSSH versions disable Protocol + 1 in the daemon by default. *openssh-5.6_p1-r2 (30 Sep 2010) diff --git a/net-misc/openssh/files/sshd.rc6.1 b/net-misc/openssh/files/sshd.rc6.1 new file mode 100644 index 000000000000..0afb9480ed14 --- /dev/null +++ b/net-misc/openssh/files/sshd.rc6.1 
@@ -0,0 +1,82 @@
+#!/sbin/runscript
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6.1,v 1.1 2010/10/11 22:50:07 flameeyes Exp $
+
+opts="${opts} reload checkconfig gen_keys"
+
+depend() {
+ use logger dns
+ need net
+}
+
+SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh}
+SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}.pid}
+SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd}
+
+checkconfig() {
+ if [ ! -d /var/empty ] ; then
+ mkdir -p /var/empty || return 1
+ fi
+
+ if [ ! -e "${SSHD_CONFDIR}"/sshd_config ] ; then
+ eerror "You need an ${SSHD_CONFDIR}/sshd_config file to run sshd"
+ eerror "There is a sample file in /usr/share/doc/openssh"
+ return 1
+ fi
+
+ gen_keys || return 1
+
+ "${SSHD_BINARY}" -t ${myopts} || return 1
+}
+
+gen_keys() {
+ if [ ! -e "${SSHD_CONFDIR}"/ssh_host_key ] && \
+ egrep -q '^[ \t]*Protocol[ \t]+.*1' "${SSHD_CONFDIR}"/sshd_config ; then
+ einfo "Generating RSA1-Hostkey..."
+ /usr/bin/ssh-keygen -t rsa1 -f "${SSHD_CONFDIR}"/ssh_host_key -N '' || return 1
+ fi
+ if [ ! -e "${SSHD_CONFDIR}"/ssh_host_dsa_key ] ; then
+ einfo "Generating DSA-Hostkey..."
+ /usr/bin/ssh-keygen -d -f "${SSHD_CONFDIR}"/ssh_host_dsa_key -N '' || return 1
+ fi
+ if [ ! -e "${SSHD_CONFDIR}"/ssh_host_rsa_key ] ; then
+ einfo "Generating RSA-Hostkey..."
+ /usr/bin/ssh-keygen -t rsa -f "${SSHD_CONFDIR}"/ssh_host_rsa_key -N '' || return 1
+ fi
+ return 0
+}
+
+start() {
+ local myopts=""
+ [ "${SSHD_PIDFILE}" != "/var/run/sshd.pid" ] \
+ && myopts="${myopts} -o PidFile=${SSHD_PIDFILE}"
+ [ "${SSHD_CONFDIR}" != "/etc/ssh" ] \
+ && myopts="${myopts} -f ${SSHD_CONFDIR}/sshd_config"
+
+ checkconfig || return 1
+ ebegin "Starting ${SVCNAME}"
+ start-stop-daemon --start --exec "${SSHD_BINARY}" \
+ --pidfile "${SSHD_PIDFILE}" \
+ -- ${myopts} ${SSHD_OPTS}
+ eend $?
+} + +stop() { + if [ "${RC_CMD}" = "restart" ] ; then + checkconfig || return 1 + fi + + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --exec "${SSHD_BINARY}" \ + --pidfile "${SSHD_PIDFILE}" --quiet + eend $? +} + +reload() { + checkconfig || return 1 + ebegin "Reloading ${SVCNAME}" + start-stop-daemon --stop --signal HUP --oknodo \ + --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}" + eend $? +} diff --git a/net-misc/openssh/openssh-5.6_p1-r2.ebuild b/net-misc/openssh/openssh-5.6_p1-r2.ebuild index bc39868f31d8..d5658189ff2c 100644 --- a/net-misc/openssh/openssh-5.6_p1-r2.ebuild +++ b/net-misc/openssh/openssh-5.6_p1-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.6_p1-r2.ebuild,v 1.1 2010/09/30 02:48:44 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.6_p1-r2.ebuild,v 1.2 2010/10/11 22:50:07 flameeyes Exp $ EAPI="2" inherit eutils flag-o-matic multilib autotools pam @@ -183,7 +183,7 @@ src_install() { emake install-nokeys DESTDIR="${D}" || die fperms 600 /etc/ssh/sshd_config dobin contrib/ssh-copy-id - newinitd "${FILESDIR}"/sshd.rc6 sshd + newinitd "${FILESDIR}"/sshd.rc6.1 sshd newconfd "${FILESDIR}"/sshd.confd sshd keepdir /var/empty |
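Review bot: The Protocol test in gen_keys of sshd.rc6.1, `egrep -q '^[ \t]*Protocol[ \t]+.*1'`, misses some sshd_config lines that enable Protocol 1 and matches some that do not. Inside a bracket expression `\t` is a literal backslash and the letter t rather than a tab, so a tab-separated `Protocol 2,1` line is missed; sshd also treats the keyword case-insensitively, and `.*1` accepts any `1` later on the line. When the match is missed the RSA1 host key is never created even though the daemon is configured for Protocol 1, so the init script and sshd disagree about which host keys should exist. A tighter test would be `egrep -iq '^[[:space:]]*Protocol[[:space:]]+([0-9]+,)*1(,|[[:space:]]|$)' "${SSHD_CONFDIR}"/sshd_config`, with a one-line comment above it stating that the RSA1 key is generated only when Protocol 1 is enabled.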