wok annotate openssh/stuff/openssh @ rev 23329
updated perl-file-desktopentry (0.04 -> 0.22)
| author | Hans-G?nter Theisgen |
|---|---|
| date | Mon Mar 30 17:44:58 2020 +0100 (2020-03-30) |
| parents | 6a8b83dd1456 |
| children | 9096d6788292 |
| rev | line source |
|---|---|
| pascal@860 | 1 #!/bin/sh |
| al@18689 | 2 # /etc/init.d/openssh : Start, stop and restart OpenSSH server on SliTaz, at |
| pascal@860 | 3 # boot time or with the command line. |
| pascal@860 | 4 # |
| pascal@860 | 5 # To start OpenSSH server at boot time, just put openssh in the $RUN_DAEMONS |
| pascal@860 | 6 # variable of /etc/rcS.conf and configure options with /etc/daemons.conf |
| pascal@860 | 7 # |
| pascal@860 | 8 . /etc/init.d/rc.functions |
| pascal@860 | 9 . /etc/daemons.conf |
| pascal@860 | 10 |
| pascal@860 | 11 NAME=OpenSSH |
| al@19159 | 12 DESC="$(_ '%s server' OpenSSH)" |
| pascal@860 | 13 DAEMON=/usr/sbin/sshd |
| pascal@860 | 14 OPTIONS=$OPENSSH_OPTIONS |
| pascal@860 | 15 PIDFILE=/var/run/sshd.pid |
| pascal@860 | 16 |
| pascal@16681 | 17 [ -d /var/run/sshd ] || mkdir -p /var/run/sshd |
| al@18689 | 18 |
| pascal@860 | 19 case "$1" in |
| al@18689 | 20 start) |
| al@18689 | 21 # We need rsa and dsa host key file to start dropbear. |
| pascal@20061 | 22 for type in rsa dsa ecdsa ; do |
| pascal@20154 | 23 [ -s /etc/ssh/ssh_host_${type}_key ] && continue |
| pascal@20061 | 24 _ 'Generating OpenSSH %s key... ' $type |
| pascal@20061 | 25 ssh-keygen -t $type -f /etc/ssh/ssh_host_${type}_key -C '' -N '' |
| pascal@20061 | 26 done |
| al@18689 | 27 if active_pidfile $PIDFILE sshd ; then |
| al@19159 | 28 _ '%s is already running.' $NAME |
| al@18689 | 29 exit 1 |
| al@18689 | 30 fi |
| pascal@20061 | 31 if [ -n "$(which iptables)" ] && ! iptables -L | grep 'tcp dpt:ssh ' ; then |
| pascal@20061 | 32 tcp22new='iptables -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent' |
| pascal@20061 | 33 $tcp22new --set --name DEFAULT --rsource |
| pascal@20061 | 34 limit='--seconds 300 --hitcount 5 --name DEFAULT --rsource' |
| pascal@20061 | 35 $tcp22new --update $limit -j LOG --log-prefix "SSH-Bruteforce : " |
| pascal@20061 | 36 $tcp22new --update $limit -j DROP |
| pascal@20061 | 37 fi |
| al@19159 | 38 action 'Starting %s: %s...' "$DESC" $NAME |
| al@18689 | 39 $DAEMON $OPTIONS |
| al@18689 | 40 status |
| al@18689 | 41 ;; |
| al@18689 | 42 stop) |
| al@18689 | 43 if ! active_pidfile $PIDFILE sshd ; then |
| al@19159 | 44 _ '%s is not running.' $NAME |
| al@18689 | 45 exit 1 |
| al@18689 | 46 fi |
| al@19159 | 47 action 'Stopping %s: %s...' "$DESC" $NAME |
| al@18689 | 48 kill $(cat $PIDFILE) |
| al@18689 | 49 status |
| al@18689 | 50 ;; |
| al@18689 | 51 restart) |
| al@18689 | 52 if ! active_pidfile $PIDFILE sshd ; then |
| al@19159 | 53 _ '%s is not running.' $NAME |
| al@18689 | 54 exit 1 |
| al@18689 | 55 fi |
| al@19159 | 56 action 'Restarting %s: %s...' "$DESC" $NAME |
| al@18689 | 57 kill $(cat $PIDFILE) |
| al@18689 | 58 sleep 2 |
| al@18689 | 59 $DAEMON $OPTIONS |
| al@18689 | 60 status |
| al@18689 | 61 ;; |
| al@18689 | 62 *) |
| al@19159 | 63 emsg "<n><b>$(_ 'Usage:')</b> $0 [start|stop|restart]" |
| al@18689 | 64 newline |
| al@18689 | 65 exit 1 |
| al@18689 | 66 ;; |
| pascal@860 | 67 esac |
| pascal@860 | 68 |
| pascal@860 | 69 exit 0 |