Merge remote-tracking branch 'glotzi/nut-update' into next

[ipfire-2.x.git] / src / initscripts / init.d / sshd

diff --git a/src/initscripts/init.d/sshd b/src/initscripts/init.d/sshd
index 015a43c5b5008512e2582c3c22a6c2767e6b5176..1d61a63990a492cfe3fcff112cc78d538b20a980 100644 (file)
--- a/src/initscripts/init.d/sshd
+++ b/src/initscripts/init.d/sshd
@@ -12,11 +12,42 @@
 
 case "$1" in
     start)
+       if [ ! -e "/etc/ssh/ssh_host_key" ]; then
+               boot_mesg "Generating SSH host key..."
+               ssh-keygen -qf /etc/ssh/ssh_host_key -N '' -t rsa1
+               evaluate_retval
+       fi
+
+       for algo in rsa dsa ecdsa ed25519; do
+               keyfile="/etc/ssh/ssh_host_${algo}_key"
+
+               # If the key already exists, there is nothing to do.
+               [ -e "${keyfile}" ] && continue
+
+               case "${algo}" in
+                       rsa)
+                               algo="rsa1"
+                               ;;
+               esac
+
+               boot_mesg "Generating SSH key (${algo})..."
+               ssh-keygen -qf "${keyfile}" -N '' -t ${algo}
+               evaluate_retval
+       done
+
+        [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled
         boot_mesg "Starting SSH Server..."
-        # Also prevent ssh from being killed by out of memory conditions
         loadproc /usr/sbin/sshd 
-        sleep 1
-        echo "-16" >/proc/`cat /var/run/sshd.pid`/oom_adj
+
+        # Also prevent ssh from being killed by out of memory conditions
+       (
+               sleep 3
+               pid=$(cat /var/run/sshd.pid 2>/dev/null)
+               [ -n "${pid}" ] && [ -e "/proc/${pid}/oom_score_adj" ] && \
+                                       echo "-16" > "/proc/${pid}/oom_score_adj" || \
+                               [ -e "/proc/${pid}/oom_adj" ] && \
+                                       echo "-16" > "/proc/${pid}/oom_adj"
+       ) &
         ;;
 
     stop)