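#!/bin/sh
# sshd/rc.main_tcpserver
# perp runscript for sshd service
# wcm, 2009.10.07 - 2011.02.02
# ===
#
# Invoked with the target name as $1 ("start" or "reset") and the
# service name as $2; "reset" also reads $3..$5 (see reset() below).

## merge stderr into stdout so all messages share one stream:
exec 2>&1

TARGET=${1}
SVNAME=${2:-sshd}

## config:
## CONLIMIT: maximum simultaneous connections (tcpserver -c)
CONLIMIT=51

## make_key: generate one host key if its file does not exist yet.
##   $1 - key type passed to ssh-keygen -t
##   $2 - path of the private key file
## A failed ssh-keygen is logged and does not stop the service from
## starting.
make_key() {
  if test ! -f "${2}" ; then
    echo "*** ${SVNAME}: generating ${2} ..."
    ## -N '' : empty passphrase, so sshd can read the key unattended
    /usr/bin/ssh-keygen -t "${1}" -f "${2}" -N '' ||
      echo "*** ${SVNAME}: WARNING: ssh-keygen -t ${1} failed for ${2}"
  fi
}

## generate keys:
## NOTE(review): "rsa1" is the SSH protocol 1 host key type and "dsa"
## is a legacy algorithm; recent OpenSSH releases no longer support
## them, in which case ssh-keygen fails here and only a warning is
## logged. Confirm which HostKey entries /etc/ssh/sshd_config expects
## before dropping either type or adding a newer one.
## NOTE(review): key size is left to ssh-keygen's default; pass -b
## explicitly if local policy requires a minimum.
make_keys() {
  make_key rsa1 /etc/ssh/ssh_host_key
  make_key dsa  /etc/ssh/ssh_host_dsa_key
  make_key rsa  /etc/ssh/ssh_host_rsa_key
}


## make_rules: setup ./tcprules.cdb for tcpserver:
## ./tcprules is written only when it is missing, so local edits are
## kept; ./tcprules.cdb is recompiled from it on every start.
make_rules() {
  echo "*** ${SVNAME}: making tcprules..."
  if test ! -f ./tcprules ; then
    ## default rule blocks all connections except localhost:
    cat - >./tcprules << "%%"
127.0.0.1:allow
:deny
%%
  fi
  ## a failed compile is reported so the access rules are not silently
  ## left out of date:
  tcprules ./tcprules.cdb ./tcprules.tmp <./tcprules ||
    echo "*** ${SVNAME}: WARNING: tcprules failed; ./tcprules.cdb may be stale or missing"
}


## start target: prepare keys and rules, then exec into tcpserver
start() {
  echo "*** ${SVNAME}: starting sshd under tcpserver..."
  make_keys
  make_rules
  ## tcpserver options:
  ##   -v  verbose (connection messages on stderr)
  ##   -R  do not attempt to obtain $TCPREMOTEINFO from the remote host
  ##   -c  limit on simultaneous connections
  ##   -x  access rules compiled by tcprules
  ##   0 22  listen on all local addresses, port 22
  ## sshd options required for running under tcpserver:
  ##   -i  "inetd" mode
  ##   -e  log to stderr (for tinylog) instead of syslog
  ##
  exec \
    tcpserver \
      -vR \
      -c "${CONLIMIT}" \
      -x ./tcprules.cdb \
      0 22 \
    /usr/sbin/sshd -i -e -f /etc/ssh/sshd_config
}


## reset target:
## reports how the service ended, then exits 0.
##   $3 - "exit", "signal", or anything else
##   $4 - printed as the exit status when $3 is "exit"
##   $5 - printed as the signal when $3 is "signal"
reset() {
  case "$3" in
    'exit' )
        echo "*** ${SVNAME}: exited status $4" ;;
    'signal' )
        echo "*** ${SVNAME}: killed on signal $5" ;;
    * )
        echo "*** ${SVNAME}: stopped ($3)" ;;
  esac
  exit 0
}


## dispatch: run the function named by $1 with the remaining arguments.
## Only the targets defined in this script are accepted, and the
## arguments are passed through as-is rather than re-parsed by eval,
## so shell metacharacters in them are never interpreted.
## An empty target is a no-op; an unknown target returns 127.
dispatch() {
  case "${1}" in
    start | reset )
        target=${1}
        shift
        "${target}" "$@" ;;
    '' )
        : ;;
    * )
        echo "*** ${SVNAME}: unknown target: ${1}"
        return 127 ;;
  esac
}


## branch to target:
dispatch "${TARGET}" "$@"

### EOF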