| #!/bin/sh |
| ### BEGIN INIT INFO |
| # Provides: sshd |
| # Required-Start: $remote_fs $syslog $networking |
| # Required-Stop: $remote_fs $syslog |
| # Default-Start: 2 3 4 5 |
| # Default-Stop: 1 |
| # Short-Description: Dropbear Secure Shell server |
| ### END INIT INFO |
| # |
| # Do not configure this file. Edit /etc/default/dropbear instead! |
| # |
| |
| PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin |
| DAEMON=/usr/sbin/dropbear |
| NAME=dropbear |
| DESC="Dropbear SSH server" |
| PIDFILE=/var/run/dropbear.pid |
| |
| DROPBEAR_PORT=22 |
| DROPBEAR_EXTRA_ARGS= |
| NO_START=0 |
| |
| set -e |
| |
| test ! -r /etc/default/dropbear || . /etc/default/dropbear |
| test "$NO_START" = "0" || exit 0 |
| test -x "$DAEMON" || exit 0 |
| test ! -h /var/service/dropbear || exit 0 |
| |
| readonly_rootfs=0 |
| for flag in `awk '{ if ($2 == "/") { split($4,FLAGS,",") } }; END { for (f in FLAGS) print FLAGS[f] }' </proc/mounts`; do |
| case $flag in |
| ro) |
| readonly_rootfs=1 |
| ;; |
| esac |
| done |
| |
| if [ $readonly_rootfs = "1" ]; then |
| mkdir -p /var/lib/dropbear |
| DROPBEAR_RSAKEY_DEFAULT="/var/lib/dropbear/dropbear_rsa_host_key" |
| DROPBEAR_DSSKEY_DEFAULT="/var/lib/dropbear/dropbear_dss_host_key" |
| else |
| DROPBEAR_RSAKEY_DEFAULT="/etc/dropbear/dropbear_rsa_host_key" |
| DROPBEAR_DSSKEY_DEFAULT="/etc/dropbear/dropbear_dss_host_key" |
| fi |
| |
| test -z "$DROPBEAR_BANNER" || \ |
| DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER" |
| test -n "$DROPBEAR_RSAKEY" || \ |
| DROPBEAR_RSAKEY=$DROPBEAR_RSAKEY_DEFAULT |
| test -n "$DROPBEAR_DSSKEY" || \ |
| DROPBEAR_DSSKEY=$DROPBEAR_DSSKEY_DEFAULT |
| test -n "$DROPBEAR_KEYTYPES" || \ |
| DROPBEAR_KEYTYPES="rsa" |
| |
| gen_keys() { |
| for t in $DROPBEAR_KEYTYPES; do |
| case $t in |
| rsa) |
| if [ -f "$DROPBEAR_RSAKEY" -a ! -s "$DROPBEAR_RSAKEY" ]; then |
| rm $DROPBEAR_RSAKEY || true |
| fi |
| test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY |
| ;; |
| dsa) |
| if [ -f "$DROPBEAR_DSSKEY" -a ! -s "$DROPBEAR_DSSKEY" ]; then |
| rm $DROPBEAR_DSSKEY || true |
| fi |
| test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY |
| ;; |
| esac |
| done |
| } |
| |
| case "$1" in |
| start) |
| echo -n "Starting $DESC: " |
| gen_keys |
| KEY_ARGS="" |
| test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d $DROPBEAR_DSSKEY" |
| test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY" |
| start-stop-daemon -S -p $PIDFILE \ |
| -x "$DAEMON" -- $KEY_ARGS \ |
| -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS |
| echo "$NAME." |
| ;; |
| stop) |
| echo -n "Stopping $DESC: " |
| start-stop-daemon -K -x "$DAEMON" -p $PIDFILE |
| echo "$NAME." |
| ;; |
| restart|force-reload) |
| echo -n "Restarting $DESC: " |
| start-stop-daemon -K -x "$DAEMON" -p $PIDFILE |
| sleep 1 |
| KEY_ARGS="" |
| test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d $DROPBEAR_DSSKEY" |
| test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r $DROPBEAR_RSAKEY" |
| start-stop-daemon -S -p $PIDFILE \ |
| -x "$DAEMON" -- $KEY_ARGS \ |
| -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS |
| echo "$NAME." |
| ;; |
| *) |
| N=/etc/init.d/$NAME |
| echo "Usage: $N {start|stop|restart|force-reload}" >&2 |
| exit 1 |
| ;; |
| esac |
| |
| exit 0 |