case "$1" in
start)
- if [ ! -e /etc/ssh/ssh_host_rsa_key ]; then
- echo "Generating SSH Keys"
- ssh-keygen -qf /etc/ssh/ssh_host_rsa_key -N ''
- ssh-keygen -qf /etc/ssh/ssh_host_key -N '' -t rsa1
- ssh-keygen -qf /etc/ssh/ssh_host_dsa_key -N '' -t dsa
- fi
+ if [ ! -e "/etc/ssh/ssh_host_key" ]; then
+ boot_mesg "Generating SSH host key..."
+ ssh-keygen -qf /etc/ssh/ssh_host_key -N '' -t rsa1
+ evaluate_retval
+ fi
+
+ for algo in rsa dsa ecdsa ed25519; do
+ keyfile="/etc/ssh/ssh_host_${algo}_key"
+
+ # If the key already exists, there is nothing to do.
+ [ -e "${keyfile}" ] && continue
+
+ case "${algo}" in
+ rsa)
+ algo="rsa1"
+ ;;
+ esac
+
+ boot_mesg "Generating SSH key (${algo})..."
+ ssh-keygen -qf "${keyfile}" -N '' -t ${algo}
+ evaluate_retval
+ done
[ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled
boot_mesg "Starting SSH Server..."
- # Also prevent ssh from being killed by out of memory conditions
loadproc /usr/sbin/sshd
- sleep 3
- echo "-16" >/proc/`cat /var/run/sshd.pid`/oom_adj
+
+ # Also prevent ssh from being killed by out of memory conditions
+ (
+ sleep 3
+ pid=$(cat /var/run/sshd.pid 2>/dev/null)
+ [ -n "${pid}" ] && echo "-16" > "/proc/${pid}/oom_score_adj"
+ ) &
;;
stop)
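Review bot: The `rsa)` arm inside the new `for algo in rsa dsa ecdsa ed25519` loop rewrites `algo` to `rsa1`, so `/etc/ssh/ssh_host_rsa_key` is generated with `-t rsa1`, the protocol-1 key format, even though `/etc/ssh/ssh_host_key` just above is already the rsa1 key and the removed code created the RSA key with ssh-keygen's default type. sshd will presumably be unable to load that file as a protocol-2 RSA host key, so the host would be left offering only the remaining algorithms. I would drop the `case "${algo}" in … esac` block and pass the loop value through quoted: `ssh-keygen -qf "${keyfile}" -N '' -t "${algo}"`. Separately, `-16` was chosen for the old `oom_adj` scale (-17 to 15); `oom_score_adj` runs from -1000 to 1000, so the same literal gives almost no OOM protection and a value near `-941` would match the previous setting. The enclosing `case "$1"` block starts and continues outside the hunk.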