head	1.22;
access;
symbols
	RELENG_8_4:1.19.0.2
	RELENG_9_1_0_RELEASE:1.15.2.2.2.2
	RELENG_9_1:1.15.2.2.0.2
	RELENG_9_1_BP:1.15.2.2
	RELENG_8_3_0_RELEASE:1.14.2.2.2.1
	RELENG_8_3:1.14.2.2.0.2
	RELENG_8_3_BP:1.14.2.2
	RELENG_9_0_0_RELEASE:1.15.2.1.2.1
	RELENG_9_0:1.15.2.1.0.2
	RELENG_9_0_BP:1.15.2.1
	RELENG_9:1.15.0.2
	RELENG_9_BP:1.15
	RELENG_7_4_0_RELEASE:1.12.2.2.6.1
	RELENG_8_2_0_RELEASE:1.14.2.1.6.1
	RELENG_7_4:1.12.2.2.0.6
	RELENG_7_4_BP:1.12.2.2
	RELENG_8_2:1.14.2.1.0.6
	RELENG_8_2_BP:1.14.2.1
	RELENG_8_1_0_RELEASE:1.14.2.1.4.1
	RELENG_8_1:1.14.2.1.0.4
	RELENG_8_1_BP:1.14.2.1
	RELENG_7_3_0_RELEASE:1.12.2.2.4.1
	RELENG_7_3:1.12.2.2.0.4
	RELENG_7_3_BP:1.12.2.2
	RELENG_8_0_0_RELEASE:1.14.2.1.2.1
	RELENG_8_0:1.14.2.1.0.2
	RELENG_8_0_BP:1.14.2.1
	RELENG_8:1.14.0.2
	RELENG_8_BP:1.14
	RELENG_7_2_0_RELEASE:1.12.2.2.2.1
	RELENG_7_2:1.12.2.2.0.2
	RELENG_7_2_BP:1.12.2.2
	RELENG_7_1_0_RELEASE:1.12.2.1.2.1
	RELENG_6_4_0_RELEASE:1.8.2.5.2.1
	RELENG_7_1:1.12.2.1.0.2
	RELENG_7_1_BP:1.12.2.1
	RELENG_6_4:1.8.2.5.0.2
	RELENG_6_4_BP:1.8.2.5
	RELENG_7_0_0_RELEASE:1.12.4.1
	RELENG_6_3_0_RELEASE:1.8.2.4
	RELENG_7_0:1.12.0.4
	RELENG_7_0_BP:1.12
	RELENG_6_3:1.8.2.4.0.4
	RELENG_6_3_BP:1.8.2.4
	RELENG_7:1.12.0.2
	RELENG_7_BP:1.12
	RELENG_6_2_0_RELEASE:1.8.2.4
	RELENG_6_2:1.8.2.4.0.2
	RELENG_6_2_BP:1.8.2.4
	RELENG_5_5_0_RELEASE:1.6.2.1
	RELENG_5_5:1.6.2.1.0.6
	RELENG_5_5_BP:1.6.2.1
	RELENG_6_1_0_RELEASE:1.8.2.1
	RELENG_6_1:1.8.2.1.0.2
	RELENG_6_1_BP:1.8.2.1
	RELENG_6_0_0_RELEASE:1.8
	RELENG_6_0:1.8.0.4
	RELENG_6_0_BP:1.8
	RELENG_6:1.8.0.2
	RELENG_6_BP:1.8
	RELENG_5_4_0_RELEASE:1.6.2.1
	RELENG_5_4:1.6.2.1.0.4
	RELENG_5_4_BP:1.6.2.1
	RELENG_5_3_0_RELEASE:1.6.2.1
	RELENG_5_3:1.6.2.1.0.2
	RELENG_5_3_BP:1.6.2.1
	RELENG_5:1.6.0.2
	RELENG_5_BP:1.6
	RELENG_5_2_1_RELEASE:1.3
	RELENG_5_2_0_RELEASE:1.3
	RELENG_5_2:1.3.0.2
	RELENG_5_2_BP:1.3
	RELENG_5_1_0_RELEASE:1.2
	RELENG_5_1:1.2.0.4
	RELENG_5_1_BP:1.2
	RELENG_5_0_0_RELEASE:1.2
	RELENG_5_0:1.2.0.2
	RELENG_5_0_BP:1.2
	head_20020621:1.1.1.2
	head_20010615:1.1.1.1
	NETBSD:1.1.1;
locks; strict;
comment	@# @;


1.22
date	2013.06.22.00.30.40;	author svnexp;	state Exp;
branches;
next	1.21;

1.21
date	2013.04.17.00.34.36;	author svnexp;	state Exp;
branches;
next	1.20;

1.20
date	2013.04.15.00.42.36;	author svnexp;	state Exp;
branches;
next	1.19;

1.19
date	2012.11.17.01.49.05;	author svnexp;	state Exp;
branches
	1.19.2.1;
next	1.18;

1.18
date	2012.09.11.05.04.59;	author obrien;	state Exp;
branches;
next	1.17;

1.17
date	2012.09.04.21.56.16;	author des;	state Exp;
branches;
next	1.16;

1.16
date	2012.01.14.02.18.41;	author dougb;	state Exp;
branches;
next	1.15;

1.15
date	2011.05.04.07.34.44;	author des;	state Exp;
branches
	1.15.2.1;
next	1.14;

1.14
date	2008.07.16.19.50.29;	author dougb;	state Exp;
branches
	1.14.2.1;
next	1.13;

1.13
date	2007.12.08.07.20.22;	author dougb;	state Exp;
branches;
next	1.12;

1.12
date	2006.08.22.11.17.28;	author flz;	state Exp;
branches
	1.12.2.1
	1.12.4.1;
next	1.11;

1.11
date	2006.04.11.09.08.15;	author flz;	state Exp;
branches;
next	1.10;

1.10
date	2006.04.11.08.55.27;	author flz;	state Exp;
branches;
next	1.9;

1.9
date	2005.10.23.14.06.53;	author yar;	state Exp;
branches;
next	1.8;

1.8
date	2005.01.16.03.12.03;	author obrien;	state Exp;
branches
	1.8.2.1;
next	1.7;

1.7
date	2004.10.07.13.55.26;	author mtm;	state Exp;
branches;
next	1.6;

1.6
date	2004.08.04.08.10.37;	author markm;	state Exp;
branches
	1.6.2.1;
next	1.5;

1.5
date	2004.01.17.10.59.43;	author mtm;	state Exp;
branches;
next	1.4;

1.4
date	2004.01.17.10.16.38;	author mtm;	state Exp;
branches;
next	1.3;

1.3
date	2003.07.13.01.49.07;	author mtm;	state Exp;
branches;
next	1.2;

1.2
date	2002.06.13.22.14.36;	author gordon;	state Exp;
branches;
next	1.1;

1.1
date	2001.06.16.07.16.14;	author obrien;	state Exp;
branches
	1.1.1.1;
next	;

1.19.2.1
date	2012.11.17.01.49.05;	author svnexp;	state dead;
branches;
next	1.19.2.2;

1.19.2.2
date	2013.03.28.13.02.44;	author svnexp;	state Exp;
branches;
next	;

1.15.2.1
date	2011.09.23.00.51.37;	author kensmith;	state Exp;
branches
	1.15.2.1.2.1;
next	1.15.2.2;

1.15.2.2
date	2012.02.14.10.16.56;	author dougb;	state Exp;
branches
	1.15.2.2.2.1;
next	1.15.2.3;

1.15.2.3
date	2012.10.26.18.06.49;	author obrien;	state Exp;
branches;
next	1.15.2.4;

1.15.2.4
date	2012.11.17.11.36.11;	author svnexp;	state Exp;
branches;
next	1.15.2.5;

1.15.2.5
date	2013.02.28.13.02.19;	author svnexp;	state Exp;
branches;
next	1.15.2.6;

1.15.2.6
date	2013.05.02.22.01.44;	author svnexp;	state Exp;
branches;
next	1.15.2.7;

1.15.2.7
date	2013.07.01.21.01.44;	author svnexp;	state Exp;
branches;
next	1.15.2.8;

1.15.2.8
date	2014.03.31.15.01.51;	author svnexp;	state Exp;
branches;
next	;

1.15.2.1.2.1
date	2011.11.11.04.20.22;	author kensmith;	state Exp;
branches;
next	1.15.2.1.2.2;

1.15.2.1.2.2
date	2012.11.17.08.36.11;	author svnexp;	state Exp;
branches;
next	;

1.15.2.2.2.1
date	2012.08.05.23.54.33;	author kensmith;	state Exp;
branches;
next	1.15.2.2.2.2;

1.15.2.2.2.2
date	2012.11.17.08.47.01;	author svnexp;	state Exp;
branches;
next	;

1.14.2.1
date	2009.08.03.08.13.06;	author kensmith;	state Exp;
branches
	1.14.2.1.2.1
	1.14.2.1.4.1
	1.14.2.1.6.1;
next	1.14.2.2;

1.14.2.2
date	2012.02.14.10.17.14;	author dougb;	state Exp;
branches
	1.14.2.2.2.1;
next	1.14.2.3;

1.14.2.3
date	2012.11.17.10.35.57;	author svnexp;	state Exp;
branches;
next	1.14.2.4;

1.14.2.4
date	2013.03.01.02.23.12;	author svnexp;	state Exp;
branches;
next	1.14.2.5;

1.14.2.5
date	2013.05.02.22.21.42;	author svnexp;	state Exp;
branches;
next	1.14.2.6;

1.14.2.6
date	2013.07.01.21.21.41;	author svnexp;	state Exp;
branches;
next	;

1.14.2.1.2.1
date	2009.10.25.01.10.29;	author kensmith;	state Exp;
branches;
next	;

1.14.2.1.4.1
date	2010.06.14.02.09.06;	author kensmith;	state Exp;
branches;
next	;

1.14.2.1.6.1
date	2010.12.21.17.09.25;	author kensmith;	state Exp;
branches;
next	;

1.14.2.2.2.1
date	2012.03.03.06.15.13;	author kensmith;	state Exp;
branches;
next	1.14.2.2.2.2;

1.14.2.2.2.2
date	2012.11.17.08.24.38;	author svnexp;	state Exp;
branches;
next	;

1.12.2.1
date	2008.01.28.07.55.44;	author dougb;	state Exp;
branches
	1.12.2.1.2.1;
next	1.12.2.2;

1.12.2.2
date	2009.03.24.02.48.54;	author dougb;	state Exp;
branches
	1.12.2.2.2.1
	1.12.2.2.4.1
	1.12.2.2.6.1;
next	1.12.2.3;

1.12.2.3
date	2012.02.14.10.17.30;	author dougb;	state Exp;
branches;
next	1.12.2.4;

1.12.2.4
date	2012.11.17.08.01.23;	author svnexp;	state Exp;
branches;
next	;

1.12.2.1.2.1
date	2008.11.25.02.59.29;	author kensmith;	state Exp;
branches;
next	;

1.12.2.2.2.1
date	2009.04.15.03.14.26;	author kensmith;	state Exp;
branches;
next	;

1.12.2.2.4.1
date	2010.02.10.00.26.20;	author kensmith;	state Exp;
branches;
next	;

1.12.2.2.6.1
date	2010.12.21.17.10.29;	author kensmith;	state Exp;
branches;
next	1.12.2.2.6.2;

1.12.2.2.6.2
date	2012.11.17.08.16.37;	author svnexp;	state Exp;
branches;
next	;

1.12.4.1
date	2008.01.28.07.58.31;	author dougb;	state Exp;
branches;
next	;

1.8.2.1
date	2005.12.16.01.42.54;	author dougb;	state Exp;
branches;
next	1.8.2.2;

1.8.2.2
date	2006.06.07.10.33.36;	author flz;	state Exp;
branches;
next	1.8.2.3;

1.8.2.3
date	2006.06.07.10.35.33;	author flz;	state Exp;
branches;
next	1.8.2.4;

1.8.2.4
date	2006.06.09.10.14.39;	author flz;	state Exp;
branches;
next	1.8.2.5;

1.8.2.5
date	2008.01.28.08.22.33;	author dougb;	state Exp;
branches
	1.8.2.5.2.1;
next	1.8.2.6;

1.8.2.6
date	2012.11.17.07.39.09;	author svnexp;	state Exp;
branches;
next	;

1.8.2.5.2.1
date	2008.10.02.02.57.24;	author kensmith;	state Exp;
branches;
next	;

1.6.2.1
date	2004.10.10.09.50.54;	author mtm;	state Exp;
branches;
next	;

1.1.1.1
date	2001.06.16.07.16.14;	author obrien;	state Exp;
branches;
next	1.1.1.2;

1.1.1.2
date	2002.06.21.19.07.21;	author obrien;	state Exp;
branches;
next	;


desc
@@


1.22
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/252062
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@#!/bin/sh
#
# $FreeBSD: head/etc/rc.d/sshd 252062 2013-06-21 17:23:19Z delphij $
#

# PROVIDE: sshd
# REQUIRE: LOGIN FILESYSTEMS
# KEYWORD: shutdown

. /etc/rc.subr

name="sshd"
rcvar="sshd_enable"
command="/usr/sbin/${name}"
keygen_cmd="sshd_keygen"
start_precmd="sshd_precmd"
reload_precmd="sshd_precmd"
restart_precmd="sshd_precmd"
configtest_cmd="sshd_configtest"
pidfile="/var/run/${name}.pid"
extra_commands="configtest keygen reload"

timeout=300

user_reseed()
{
	(
	seeded=`sysctl -n kern.random.sys.seeded 2>/dev/null`
	if [ "x${seeded}" != "x" ] && [ ${seeded} -eq 0 ] ; then
		warn "Setting entropy source to blocking mode."
		echo "===================================================="
		echo "Type a full screenful of random junk to unblock"
		echo "it and remember to finish with <enter>. This will"
		echo "timeout in ${timeout} seconds, but waiting for"
		echo "the timeout without typing junk may make the"
		echo "entropy source deliver predictable output."
		echo ""
		echo "Just hit <enter> for fast+insecure startup."
		echo "===================================================="
		sysctl kern.random.sys.seeded=0 2>/dev/null
		read -t ${timeout} junk
		echo "${junk}" `sysctl -a` `date` > /dev/random
	fi
	)
}

sshd_keygen()
{
	(
	umask 022

	# Can't do anything if ssh is not installed
	[ -x /usr/bin/ssh-keygen ] || {
		warn "/usr/bin/ssh-keygen does not exist."
		return 1
	}

	if [ -f /etc/ssh/ssh_host_key ]; then
		echo "You already have an RSA host key" \
		    "in /etc/ssh/ssh_host_key"
		echo "Skipping protocol version 1 RSA Key Generation"
	else
		/usr/bin/ssh-keygen -t rsa1 -b 1024 \
		    -f /etc/ssh/ssh_host_key -N ''
	fi

	if [ -f /etc/ssh/ssh_host_dsa_key ]; then
		echo "You already have a DSA host key" \
		    "in /etc/ssh/ssh_host_dsa_key"
		echo "Skipping protocol version 2 DSA Key Generation"
	else
		/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
	fi

	if [ -f /etc/ssh/ssh_host_rsa_key ]; then
		echo "You already have an RSA host key" \
		    "in /etc/ssh/ssh_host_rsa_key"
		echo "Skipping protocol version 2 RSA Key Generation"
	else
		/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
	fi

	if [ -f /etc/ssh/ssh_host_ecdsa_key ]; then
		echo "You already have an ECDSA host key" \
		    "in /etc/ssh/ssh_host_ecdsa_key"
		echo "Skipping protocol version 2 ECDSA Key Generation"
	else
		/usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
	fi
	)
}

sshd_configtest()
{
	echo "Performing sanity check on ${name} configuration."
	eval ${command} ${sshd_flags} -t
}

sshd_precmd()
{
	if [ ! -f /etc/ssh/ssh_host_key -o \
	    ! -f /etc/ssh/ssh_host_dsa_key -o \
	    ! -f /etc/ssh/ssh_host_ecdsa_key -o \
	    ! -f /etc/ssh/ssh_host_rsa_key ]; then
		user_reseed
		run_rc_command keygen
	fi
	sshd_configtest
}

load_rc_config $name
run_rc_command "$1"
@


1.21
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249555
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d3 1
a3 1
# $FreeBSD: head/etc/rc.d/sshd 249555 2013-04-16 17:30:13Z bdrewery $
d17 2
a18 2
reload_precmd="sshd_configtest"
restart_precmd="sshd_configtest"
@


1.20
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/249489
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d3 1
a3 1
# $FreeBSD: head/etc/rc.d/sshd 249489 2013-04-14 21:11:19Z bdrewery $
d17 1
@


1.19
log
@Switching exporter and resync
@
text
@d3 1
a3 1
# $FreeBSD: head/etc/rc.d/sshd 240336 2012-09-11 05:04:59Z obrien $
d17 1
@


1.19.2.1
log
@file sshd was added on branch RELENG_8_4 on 2013-03-28 13:02:44 +0000
@
text
@d1 110
@


1.19.2.2
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248810
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a0 110
#!/bin/sh
#
# $FreeBSD: releng/8.4/etc/rc.d/sshd 247521 2013-03-01 02:06:04Z des $
#

# PROVIDE: sshd
# REQUIRE: LOGIN cleanvar
# KEYWORD: shutdown

. /etc/rc.subr

name="sshd"
rcvar="sshd_enable"
command="/usr/sbin/${name}"
keygen_cmd="sshd_keygen"
start_precmd="sshd_precmd"
configtest_cmd="sshd_configtest"
pidfile="/var/run/${name}.pid"
extra_commands="configtest keygen reload"

timeout=300

user_reseed()
{
	(
	seeded=`sysctl -n kern.random.sys.seeded 2>/dev/null`
	if [ "x${seeded}" != "x" ] && [ ${seeded} -eq 0 ] ; then
		warn "Setting entropy source to blocking mode."
		echo "===================================================="
		echo "Type a full screenful of random junk to unblock"
		echo "it and remember to finish with <enter>. This will"
		echo "timeout in ${timeout} seconds, but waiting for"
		echo "the timeout without typing junk may make the"
		echo "entropy source deliver predictable output."
		echo ""
		echo "Just hit <enter> for fast+insecure startup."
		echo "===================================================="
		sysctl kern.random.sys.seeded=0 2>/dev/null
		read -t ${timeout} junk
		echo "${junk}" `sysctl -a` `date` > /dev/random
	fi
	)
}

sshd_keygen()
{
	(
	umask 022

	# Can't do anything if ssh is not installed
	[ -x /usr/bin/ssh-keygen ] || {
		warn "/usr/bin/ssh-keygen does not exist."
		return 1
	}

	if [ -f /etc/ssh/ssh_host_key ]; then
		echo "You already have an RSA host key" \
		    "in /etc/ssh/ssh_host_key"
		echo "Skipping protocol version 1 RSA Key Generation"
	else
		/usr/bin/ssh-keygen -t rsa1 -b 1024 \
		    -f /etc/ssh/ssh_host_key -N ''
	fi

	if [ -f /etc/ssh/ssh_host_dsa_key ]; then
		echo "You already have a DSA host key" \
		    "in /etc/ssh/ssh_host_dsa_key"
		echo "Skipping protocol version 2 DSA Key Generation"
	else
		/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
	fi

	if [ -f /etc/ssh/ssh_host_rsa_key ]; then
		echo "You already have an RSA host key" \
		    "in /etc/ssh/ssh_host_rsa_key"
		echo "Skipping protocol version 2 RSA Key Generation"
	else
		/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
	fi

	if [ -f /etc/ssh/ssh_host_ecdsa_key ]; then
		echo "You already have an ECDSA host key" \
		    "in /etc/ssh/ssh_host_ecdsa_key"
		echo "Skipping protocol version 2 ECDSA Key Generation"
	else
		/usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
	fi
	)
}

sshd_configtest()
{
	echo "Performing sanity check on ${name} configuration."
	eval ${command} ${sshd_flags} -t
}

sshd_precmd()
{
	if [ ! -f /etc/ssh/ssh_host_key -o \
	    ! -f /etc/ssh/ssh_host_dsa_key -o \
	    ! -f /etc/ssh/ssh_host_ecdsa_key -o \
	    ! -f /etc/ssh/ssh_host_rsa_key ]; then
		user_reseed
		run_rc_command keygen
	fi
	sshd_configtest
}

load_rc_config $name
run_rc_command "$1"
@


1.18
log
@SVN rev 240336 on 2012-09-11 05:04:59Z by obrien

Simply things so that "#REQUIRE: FILESYSTEMS" means the file
systems are fully "ready to go".

'FILESYSTEMS' states: "This is a dummy dependency, for services which
require file systems to be mounted before starting."  However, we have
'var' which is was run after 'FILESYSTEMS' and can mount /var if it
already isn't mounted.  Furthermore, several scripts cannot use /var
until 'cleanvar' has done its thing.  Thus "FILESYSTEMS" hasn't really
meant all critical file systems are fully usable.
@
text
@d3 1
a3 1
# $FreeBSD$
@


1.17
log
@SVN rev 240109 on 2012-09-04 21:56:16Z by des

Add a configtest command.

Submitted by:	gjb@@
MFC after:	1 week
@
text
@d7 1
a7 1
# REQUIRE: LOGIN cleanvar
@


1.16
log
@SVN rev 230099 on 2012-01-14 02:18:41Z by dougb

Prepare for the removal of set_rcvar() by changing the rcvar=
assignments to the literal values it would have returned.

The concept of set_rcvar() was nice in theory, but the forks
it creates are a drag on the startup process, which is especially
noticeable on slower systems, such as embedded ones.

During the discussion on freebsd-rc@@ a preference was expressed for
using ${name}_enable instead of the literal values. However the
code portability concept doesn't really apply since there are so
many other places where the literal name has to be searched for
and replaced. Also, using the literal value is also a tiny bit
faster than dereferencing the variables, and every little bit helps.
@
text
@d17 1
d19 1
a19 1
extra_commands="keygen reload"
d91 6
d106 1
@


1.15
log
@SVN rev 221420 on 2011-05-04 07:34:44Z by des

Upgrade to OpenSSH 5.8p2.
@
text
@d13 1
a13 1
rcvar=`set_rcvar`
@


1.15.2.1
log
@SVN rev 225736 on 2011-09-23 00:51:37Z by kensmith

Copy head to stable/9 as part of 9.0-RELEASE release cycle.

Approved by:	re (implicit)
@
text
@@


1.15.2.2
log
@SVN rev 231653 on 2012-02-14 10:16:56Z by dougb

MFC r230099:

Change rcvar= assignments to the literal values set_rcvar
would have returned. This will slightly reduce boot time,
and help in diff reduction to HEAD.
@
text
@d13 1
a13 1
rcvar="sshd_enable"
@


1.15.2.3
log
@SVN rev 242153 on 2012-10-26 18:06:49Z by obrien

MFC: r240336:
  Simply things so that "#REQUIRE: FILESYSTEMS" means the file
  systems are fully "ready to go".

  'FILESYSTEMS' states: "This is a dummy dependency, for services which
  require file systems to be mounted before starting."  However, we have
  'var' which is was run after 'FILESYSTEMS' and can mount /var if it
  already isn't mounted.  Furthermore, several scripts cannot use /var
  until 'cleanvar' has done its thing.  Thus "FILESYSTEMS" hasn't really
  meant all critical file systems are fully usable.
@
text
@d7 1
a7 1
# REQUIRE: LOGIN FILESYSTEMS
@


1.15.2.4
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 242902
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r242902 | dteske | 2012-11-11 23:29:45 +0000 (Sun, 11 Nov 2012) | 10 lines
## SVN ##
## SVN ## Fix a regression introduced by SVN r211417 that saw the breakage of a feature
## SVN ## documented in usr.sbin/sysinstall/help/shortcuts.hlp (reproduced below):
## SVN ##
## SVN ## If /usr/sbin/sysinstall is linked to another filename, say
## SVN ## `/usr/local/bin/configPackages', then the basename will be used
## SVN ## as an implicit command name.
## SVN ##
## SVN ## Reviewed by:	adrian (co-mentor)
## SVN ## Approved by:	adrian (co-mentor)
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d3 1
a3 1
# $FreeBSD: stable/9/etc/rc.d/sshd 242153 2012-10-26 18:06:49Z obrien $
@


1.15.2.5
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247461
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d3 1
a3 1
# $FreeBSD: stable/9/etc/rc.d/sshd 247461 2013-02-28 12:03:17Z des $
a16 1
configtest_cmd="sshd_configtest"
d18 1
a18 1
extra_commands="configtest keygen reload"
a89 6
sshd_configtest()
{
	echo "Performing sanity check on ${name} configuration."
	eval ${command} ${sshd_flags} -t
}

a98 1
	sshd_configtest
@


1.15.2.6
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250195
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d3 1
a3 1
# $FreeBSD: stable/9/etc/rc.d/sshd 250195 2013-05-02 21:49:43Z bdrewery $
a16 2
reload_precmd="sshd_configtest"
restart_precmd="sshd_configtest"
@


1.15.2.7
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/252477
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d3 1
a3 1
# $FreeBSD: stable/9/etc/rc.d/sshd 252477 2013-07-01 20:45:55Z delphij $
d17 2
a18 2
reload_precmd="sshd_precmd"
restart_precmd="sshd_precmd"
@


1.15.2.8
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/263970
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d3 1
a3 1
# $FreeBSD: stable/9/etc/rc.d/sshd 263970 2014-03-31 14:39:56Z des $
d17 2
a18 2
reload_precmd="sshd_configtest"
restart_precmd="sshd_configtest"
d23 1
a23 5
: ${sshd_rsa1_enable:="yes"}
: ${sshd_rsa_enable:="yes"}
: ${sshd_dsa_enable:="yes"}
: ${sshd_ecdsa_enable:="yes"}
: ${sshd_ed25519_enable:="yes"}
d25 1
a25 1
sshd_keygen_alg()
d27 24
a50 19
	local alg=$1
	local ALG="$(echo $alg | tr a-z A-Z)"
	local keyfile

	if ! checkyesno "sshd_${alg}_enable" ; then
		return 0
	fi

	case $alg in
	rsa1)
		keyfile="/etc/ssh/ssh_host_key"
		;;
	rsa|dsa|ecdsa|ed25519)
		keyfile="/etc/ssh/ssh_host_${alg}_key"
		;;
	*)
		return 1
		;;
	esac
d52 2
a53 1
	if [ ! -x /usr/bin/ssh-keygen ] ; then
d56 9
d67 4
a70 2
	if [ -f "${keyfile}" ] ; then
		info "$ALG host key exists."
d72 9
a80 3
		echo "Generating $ALG host key."
		/usr/bin/ssh-keygen -q -t $alg -f "$keyfile" -N ""
		/usr/bin/ssh-keygen -l -f "$keyfile.pub"
a81 1
}
d83 8
a90 7
sshd_keygen()
{
	sshd_keygen_alg rsa1
	sshd_keygen_alg rsa
	sshd_keygen_alg dsa
	sshd_keygen_alg ecdsa
	sshd_keygen_alg ed25519
d101 8
a108 2
	run_rc_command keygen
	run_rc_command configtest
@


1.15.2.2.2.1
log
@SVN rev 239080 on 2012-08-05 23:54:33Z by kensmith

Copy stable/9 to releng/9.1 as part of the 9.1-RELEASE release process.

Approved by:	re (implicit)
@
text
@@


1.15.2.2.2.2
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: releng/9.1/etc/rc.d/sshd 231653 2012-02-14 10:16:56Z dougb $
@


1.15.2.1.2.1
log
@SVN rev 227445 on 2011-11-11 04:20:22Z by kensmith

Copy stable/9 to releng/9.0 as part of the FreeBSD 9.0-RELEASE release
cycle.

Approved by:	re (implicit)
@
text
@@


1.15.2.1.2.2
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: releng/9.0/etc/rc.d/sshd 221420 2011-05-04 07:34:44Z des $
@


1.14
log
@SVN rev 180564 on 2008-07-16 19:50:29Z by dougb

Add the shutdown KEYWORD to those scripts that start persistent services
to allow them to do a "clean" shutdown.

I purposely avoided making changes to network-related stuff since the
system shutting down is pretty conclusive, and there may be complicated
dependencies on the network that I would rather not try to unravel.

I also skipped kerberos-related stuff for the reasons above, and
because I have no way to test it.
@
text
@d73 1
a73 1
		echo "You already have a RSA host key" \
d79 8
d94 1
@


1.14.2.1
log
@SVN rev 196045 on 2009-08-03 08:13:06Z by kensmith

Copy head to stable/8 as part of 8.0 Release cycle.

Approved by:	re (Implicit)
@
text
@@


1.14.2.2
log
@SVN rev 231655 on 2012-02-14 10:17:14Z by dougb

MFC r230099:

Change rcvar= assignments to the literal values set_rcvar
would have returned. This will slightly reduce boot time,
and help in diff reduction to HEAD.
@
text
@d13 1
a13 1
rcvar="sshd_enable"
@


1.14.2.3
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 242909
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r242909 | dim | 2012-11-12 07:47:19 +0000 (Mon, 12 Nov 2012) | 20 lines
## SVN ##
## SVN ## MFC r242625:
## SVN ##
## SVN ## Remove duplicate const specifiers in many drivers (I hope I got all of
## SVN ## them, please let me know if not).  Most of these are of the form:
## SVN ##
## SVN ## static const struct bzzt_type {
## SVN ##       [...list of members...]
## SVN ## } const bzzt_devs[] = {
## SVN ##       [...list of initializers...]
## SVN ## };
## SVN ##
## SVN ## The second const is unnecessary, as arrays cannot be modified anyway,
## SVN ## and if the elements are const, the whole thing is const automatically
## SVN ## (e.g. it is placed in .rodata).
## SVN ##
## SVN ## I have verified this does not change the binary output of a full kernel
## SVN ## build (except for build timestamps embedded in the object files).
## SVN ##
## SVN ## Reviewed by:	yongari, marius
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d3 1
a3 1
# $FreeBSD: stable/8/etc/rc.d/sshd 231655 2012-02-14 10:17:14Z dougb $
@


1.14.2.4
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/247521
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d3 1
a3 1
# $FreeBSD: stable/8/etc/rc.d/sshd 247521 2013-03-01 02:06:04Z des $
a16 1
configtest_cmd="sshd_configtest"
d18 1
a18 1
extra_commands="configtest keygen reload"
d73 1
a73 1
		echo "You already have an RSA host key" \
a78 8

	if [ -f /etc/ssh/ssh_host_ecdsa_key ]; then
		echo "You already have an ECDSA host key" \
		    "in /etc/ssh/ssh_host_ecdsa_key"
		echo "Skipping protocol version 2 ECDSA Key Generation"
	else
		/usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
	fi
a81 6
sshd_configtest()
{
	echo "Performing sanity check on ${name} configuration."
	eval ${command} ${sshd_flags} -t
}

a85 1
	    ! -f /etc/ssh/ssh_host_ecdsa_key -o \
a89 1
	sshd_configtest
@


1.14.2.5
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/250196
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d3 1
a3 1
# $FreeBSD: stable/8/etc/rc.d/sshd 250196 2013-05-02 21:51:57Z bdrewery $
a16 2
reload_precmd="sshd_configtest"
restart_precmd="sshd_configtest"
@


1.14.2.6
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/252478
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d3 1
a3 1
# $FreeBSD: stable/8/etc/rc.d/sshd 252478 2013-07-01 20:46:35Z delphij $
d17 2
a18 2
reload_precmd="sshd_precmd"
restart_precmd="sshd_precmd"
@


1.14.2.2.2.1
log
@SVN rev 232438 on 2012-03-03 06:15:13Z by kensmith

Copy stable/8 to releng/8.3 as part of 8.3-RELEASE release cycle.

Approved by:	re (implicit)
@
text
@@


1.14.2.2.2.2
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: releng/8.3/etc/rc.d/sshd 231655 2012-02-14 10:17:14Z dougb $
@


1.14.2.1.6.1
log
@SVN rev 216617 on 2010-12-21 17:09:25Z by kensmith

Copy stable/8 to releng/8.2 in preparation for FreeBSD-8.2 release.

Approved by:	re (implicit)
@
text
@@


1.14.2.1.4.1
log
@SVN rev 209145 on 2010-06-14 02:09:06Z by kensmith

Copy stable/8 to releng/8.1 in preparation for 8.1-RC1.

Approved by:	re (implicit)
@
text
@@


1.14.2.1.2.1
log
@SVN rev 198460 on 2009-10-25 01:10:29Z by kensmith

Copy stable/8 to releng/8.0 as part of 8.0-RELEASE release procedure.

Approved by:	re (implicit)
@
text
@@


1.13
log
@Remove $NetBSD$ CVS tags. We no longer attempt to synch our rc.d files
with theirs, so this information doesn't need to be in the live file.
Having it in our CVS history is enough.
@
text
@d8 1
@


1.12
log
@Backout this commit since it breaks startup and some scripts in
certain conditions. I haven't been able to find a better solution yet:

    - Set a two read-only variables (${prefix} and ${etcdir}). This is
    especially useful when using /etc/rc.d scripts with third-party
    software installed from ports.
    - Fix rc.d/sshd to work with openssh from ports using ${etcdir}
    instead of hardcoded /etc.
    - Reflect prefix/etcdir changes in rc.subr.8.

        src/etc/rc.d/sshd: rev 1.9 -> 1.10
        src/etc/rc.subr: rev 1.51 -> 1.52
        src/share/man/man8/rc.subr.8: rev 1.11 -> 1.12

Approved by:	cperciva (mentor)
@
text
@a2 1
# $NetBSD: sshd,v 1.18 2002/04/29 08:23:34 lukem Exp $
@


1.12.4.1
log
@MFC the purely cosmetic changes, including removal of $NetBSD$ Ids,
a few spurious #'s, an empty REQUIRE, and a never-used KEYWORD.

Approved by:	re (kensmith)
@
text
@d3 1
@


1.12.2.1
log
@MFC the purely cosmetic changes, including removal of $NetBSD$ Ids,
a few spurious #'s, an empty REQUIRE, and a never-used KEYWORD.
@
text
@d3 1
@


1.12.2.2
log
@SVN rev 190362 on 2009-03-24 02:48:54Z by dougb

MFC r180564, addition of the SHUTDOWN keyword to those scripts that
start persistent services.
@
text
@a7 1
# KEYWORD: shutdown
@


1.12.2.3
log
@SVN rev 231656 on 2012-02-14 10:17:30Z by dougb

MFC r230099:

Change rcvar= assignments to the literal values set_rcvar
would have returned. This will slightly reduce boot time,
and help in diff reduction to HEAD.
@
text
@d13 1
a13 1
rcvar="sshd_enable"
@


1.12.2.4
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: stable/7/etc/rc.d/sshd 231656 2012-02-14 10:17:30Z dougb $
@


1.12.2.2.6.1
log
@SVN rev 216618 on 2010-12-21 17:10:29Z by kensmith

Copy stable/7 to releng/7.4 in preparation for FreeBSD-7.4 release.

Approved by:	re (implicit)
@
text
@@


1.12.2.2.6.2
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: releng/7.4/etc/rc.d/sshd 190362 2009-03-24 02:48:54Z dougb $
@


1.12.2.2.4.1
log
@SVN rev 203736 on 2010-02-10 00:26:20Z by kensmith

Copy stable/7 to releng/7.3 as part of the 7.3-RELEASE process.

Approved by:	re (implicit)
@
text
@@


1.12.2.2.2.1
log
@SVN rev 191087 on 2009-04-15 03:14:26Z by kensmith

Create releng/7.2 from stable/7 in preparation for 7.2-RELEASE.

Approved by:	re (implicit)
@
text
@@


1.12.2.1.2.1
log
@SVN rev 185281 on 2008-11-25 02:59:29Z by kensmith

Create releng/7.1 in preparation for moving into RC phase of 7.1 release
cycle.

Approved by:	re (implicit)
@
text
@@


1.11
log
@- Fix rc.d/sshd test on kern.random.sys.seeded.

PR:		conf/94377
Submitted by:	dwhite
Approved by:	cperciva (mentor)
MFC after:	1 week
@
text
@a21 2
load_rc_config $name

d50 2
a51 2
	[ -x ${prefix}/bin/ssh-keygen ] || {
		warn "${prefix}/bin/ssh-keygen does not exist."
d55 1
a55 1
	if [ -f ${etcdir}/ssh/ssh_host_key ]; then
d57 1
a57 1
		    "in ${etcdir}/ssh/ssh_host_key"
d60 2
a61 2
		${prefix}/bin/ssh-keygen -t rsa1 -b 1024 \
		    -f ${etcdir}/ssh/ssh_host_key -N ''
d64 1
a64 1
	if [ -f ${etcdir}/ssh/ssh_host_dsa_key ]; then
d66 1
a66 1
		    "in ${etcdir}/ssh/ssh_host_dsa_key"
d69 1
a69 1
		${prefix}/bin/ssh-keygen -t dsa -f ${etcdir}/ssh/ssh_host_dsa_key -N ''
d72 1
a72 1
	if [ -f ${etcdir}/ssh/ssh_host_rsa_key ]; then
d74 1
a74 1
		    "in ${etcdir}/ssh/ssh_host_rsa_key"
d77 1
a77 1
		${prefix}/bin/ssh-keygen -t rsa -f ${etcdir}/ssh/ssh_host_rsa_key -N ''
d84 3
a86 3
	if [ ! -f ${etcdir}/ssh/ssh_host_key -o \
	    ! -f ${etcdir}/ssh/ssh_host_dsa_key -o \
	    ! -f ${etcdir}/ssh/ssh_host_rsa_key ]; then
d92 1
@


1.10
log
@- Set a two read-only variables (${prefix} and ${etcdir}). This is
especially useful when using /etc/rc.d scripts with third-party
software installed from ports.
- Fix rc.d/sshd to work with openssh from ports using ${etcdir}
instead of hardcoded /etc.

Reviewed by:	brooks
Approved by:	cperciva (mentor)
MFC after:	1 week
@
text
@d28 1
a28 1
	if [ "${seeded}" != "" ] ; then
@


1.9
log
@Don't be lazy, set the "command" variable even if
/etc/defaults/rc.conf will provide foo_program, too.
By specifying "command" we explicitly say that we're
going to rely on rc.subr(8) default methods, and
rc.subr(8) will take advantage of this soon.

The majority of our rc.d scripts already set "command"
if appropriate, so fix just the non-compliant handful.
@
text
@d22 2
d52 2
a53 2
	[ -x /usr/bin/ssh-keygen ] || {
		warn "/usr/bin/ssh-keygen does not exist."
d57 1
a57 1
	if [ -f /etc/ssh/ssh_host_key ]; then
d59 1
a59 1
		    "in /etc/ssh/ssh_host_key"
d62 2
a63 2
		/usr/bin/ssh-keygen -t rsa1 -b 1024 \
		    -f /etc/ssh/ssh_host_key -N ''
d66 1
a66 1
	if [ -f /etc/ssh/ssh_host_dsa_key ]; then
d68 1
a68 1
		    "in /etc/ssh/ssh_host_dsa_key"
d71 1
a71 1
		/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
d74 1
a74 1
	if [ -f /etc/ssh/ssh_host_rsa_key ]; then
d76 1
a76 1
		    "in /etc/ssh/ssh_host_rsa_key"
d79 1
a79 1
		/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
d86 3
a88 3
	if [ ! -f /etc/ssh/ssh_host_key -o \
	    ! -f /etc/ssh/ssh_host_dsa_key -o \
	    ! -f /etc/ssh/ssh_host_rsa_key ]; then
a93 1
load_rc_config $name
@


1.8
log
@"REQUIRE: cleanvar" for all RC's writing into /var/run.
@
text
@d14 1
@


1.8.2.1
log
@Diff reduction to HEAD:

MFC yar's cleanup of command=*/foo -> command=*/${name},
and related changes.
@
text
@a13 1
command="/usr/sbin/${name}"
@


1.8.2.2
log
@MFC:

  - Set a two read-only variables (${prefix} and ${etcdir}). This is
  especially useful when using /etc/rc.d scripts with third-party
  software installed from ports.
  - Fix rc.d/sshd to work with openssh from ports using ${etcdir}
  instead of hardcoded /etc.
  - Reflect prefix/etcdir changes in rc.subr.8.

      src/etc/rc.d/sshd: rev 1.9 -> 1.10
      src/etc/rc.subr: rev 1.51 -> 1.52
      src/share/man/man8/rc.subr.8: rev 1.11 -> 1.12
@
text
@a21 2
load_rc_config $name

d50 2
a51 2
	[ -x ${prefix}/bin/ssh-keygen ] || {
		warn "${prefix}/bin/ssh-keygen does not exist."
d55 1
a55 1
	if [ -f ${etcdir}/ssh/ssh_host_key ]; then
d57 1
a57 1
		    "in ${etcdir}/ssh/ssh_host_key"
d60 2
a61 2
		${prefix}/bin/ssh-keygen -t rsa1 -b 1024 \
		    -f ${etcdir}/ssh/ssh_host_key -N ''
d64 1
a64 1
	if [ -f ${etcdir}/ssh/ssh_host_dsa_key ]; then
d66 1
a66 1
		    "in ${etcdir}/ssh/ssh_host_dsa_key"
d69 1
a69 1
		${prefix}/bin/ssh-keygen -t dsa -f ${etcdir}/ssh/ssh_host_dsa_key -N ''
d72 1
a72 1
	if [ -f ${etcdir}/ssh/ssh_host_rsa_key ]; then
d74 1
a74 1
		    "in ${etcdir}/ssh/ssh_host_rsa_key"
d77 1
a77 1
		${prefix}/bin/ssh-keygen -t rsa -f ${etcdir}/ssh/ssh_host_rsa_key -N ''
d84 3
a86 3
	if [ ! -f ${etcdir}/ssh/ssh_host_key -o \
	    ! -f ${etcdir}/ssh/ssh_host_dsa_key -o \
	    ! -f ${etcdir}/ssh/ssh_host_rsa_key ]; then
d92 1
@


1.8.2.3
log
@MFC:

  - Fix rc.d/sshd test on kern.random.sys.seeded.

      src/etc/rc.d/sshd: rev 1.10 -> 1.11

PR:		conf/94377
Submitted by:	dwhite
@
text
@d28 1
a28 1
	if [ "x${seeded}" != "x" ] && [ ${seeded} -eq 0 ] ; then
@


1.8.2.4
log
@Backout this commit since new bug reports have raised after the MFC:

    - Set a two read-only variables (${prefix} and ${etcdir}). This is
    especially useful when using /etc/rc.d scripts with third-party
    software installed from ports.
    - Fix rc.d/sshd to work with openssh from ports using ${etcdir}
    instead of hardcoded /etc.
    - Reflect prefix/etcdir changes in rc.subr.8.
@
text
@d22 2
d52 2
a53 2
	[ -x /usr/bin/ssh-keygen ] || {
		warn "/usr/bin/ssh-keygen does not exist."
d57 1
a57 1
	if [ -f /etc/ssh/ssh_host_key ]; then
d59 1
a59 1
		    "in /etc/ssh/ssh_host_key"
d62 2
a63 2
		/usr/bin/ssh-keygen -t rsa1 -b 1024 \
		    -f /etc/ssh/ssh_host_key -N ''
d66 1
a66 1
	if [ -f /etc/ssh/ssh_host_dsa_key ]; then
d68 1
a68 1
		    "in /etc/ssh/ssh_host_dsa_key"
d71 1
a71 1
		/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
d74 1
a74 1
	if [ -f /etc/ssh/ssh_host_rsa_key ]; then
d76 1
a76 1
		    "in /etc/ssh/ssh_host_rsa_key"
d79 1
a79 1
		/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
d86 3
a88 3
	if [ ! -f /etc/ssh/ssh_host_key -o \
	    ! -f /etc/ssh/ssh_host_dsa_key -o \
	    ! -f /etc/ssh/ssh_host_rsa_key ]; then
a93 1
load_rc_config $name
@


1.8.2.5
log
@MFC the purely cosmetic changes, including removal of $NetBSD$ Ids,
a few spurious #'s, an empty REQUIRE, and a never-used KEYWORD.
@
text
@d3 1
@


1.8.2.6
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: stable/6/etc/rc.d/sshd 175742 2008-01-28 08:22:33Z dougb $
@


1.8.2.5.2.1
log
@SVN rev 183531 on 2008-10-02 02:57:24Z by kensmith

Create releng/6.4 from stable/6 in preparation for 6.4-RC1.

Approved by:	re (implicit)
@
text
@@


1.7
log
@Remove the requirement for the FreeBSD keyword as it no longer
makes any sense.

Discussed with: dougb, brooks
MFC after: 3 days
@
text
@d8 1
a8 1
# REQUIRE: LOGIN
@


1.6
log
@Give sshd a secure startup, but with a tweakable timeout so that
the box won't hang forever at startup.
@
text
@a8 1
# KEYWORD: FreeBSD
@


1.6.2.1
log
@RCS file: /home/ncvs/src/etc/rc,v
----------------------------
revision 1.335
date: 2004/10/08 14:23:49;  author: mtm;  state: Exp;  lines: +0 -1
Remove an unused variable.

Submitted by: Pawel Worach <pawel.worach@@telia.com>
----------------------------
revision 1.334
date: 2004/10/07 13:55:25;  author: mtm;  state: Exp;  lines: +1 -1
Remove the requirement for the FreeBSD keyword as it no longer
makes any sense.

Discussed with: dougb, brooks
MFC after: 3 days
=============================================================================
RCS file: /home/ncvs/src/etc/rc.d/nsswitch,v
----------------------------
revision 1.4
date: 2004/09/16 17:03:12;  author: keramida;  state: Exp;  lines: +1 -1
Fix requirement of `network' to `NETWORK' because the former isn't
provided by any rc.d script.

Approved by:	mtm
=============================================================================
RCS file: /home/ncvs/src/etc/rc.d/pflog,v
----------------------------
revision 1.3
date: 2004/09/16 17:04:20;  author: keramida;  state: Exp;  lines: +1 -1
We don't have any providers of `beforenetlkm' in FreeBSD.  Remove the
dependency to it from our rc.d scripts.

Approved by:	mtm
=============================================================================

Approved by: re/scottl
@
text
@d9 1
@


1.5
log
@Luke Mewburn has indicated that they (NetBSD) are not interested
in keeping the scripts under rc.d in sync with us. So, remove
NetBSD specific stuff (which made our scripts more complicated
than necessary).

The NetBSD ident string will be left intact, both for history and
also incase we wish to pull in future versions.
@
text
@d20 24
d87 1
@


1.4
log
@Luke Mewburn has indicated that they (NetBSD) are not interested
in keeping the scripts under rc.d in sync with us. So, begin removal
of NetBSD specific stuff (which made our scripts more complicated
than necessary), starting with the NetBSD KEYWORD.
@
text
@a18 6
case ${OSTYPE} in
NetBSD)
	command="/usr/sbin/${name}"
	required_files="/etc/ssh/sshd_config"
	;;
esac
@


1.3
log
@Not everyone uses the base system sshd. They can use the sshd_program
variable in rc.conf to have sshd from ports (or somewhere else) installed.
So, don't make the sshd_config for the base system a required file
to start the service.

PR: conf/45766
@
text
@d9 1
a9 1
# KEYWORD: FreeBSD NetBSD
@


1.2
log
@Merge in all the changes that Mike Makonnen has been maintaining for a
while. This is only the script pieces, the glue for the build comes next.

Submitted by:	Mike Makonnen <makonnen@@pacbell.net>
Reviewed by:	silence on -current and -hackers
Prodded by:	rwatson
@
text
@a14 1
command="/usr/sbin/${name}"
a17 1
required_files="/etc/ssh/sshd_config"
d19 6
@


1.1
log
@Initial revision
@
text
@d3 2
a4 1
# $NetBSD: sshd,v 1.7 2000/08/10 22:49:43 lukem Exp $
d9 1
d14 1
a14 1
rcvar=$name
d16 2
d19 1
a19 1
required_files="/etc/${name}.conf"
d24 13
a36 3
	if [ -f /etc/ssh_host_key ]; then
		echo "You already have an RSA host key in /etc/ssh_host_key"
		echo "Skipping RSA Key Generation"
d38 2
a39 2
		umask 022
		/usr/bin/ssh-keygen -b 1024 -f /etc/ssh_host_key -N ''
d42 4
a45 3
	if [ -f /etc/ssh_host_dsa_key ]; then
		echo "You already have a DSA host key in /etc/ssh_host_dsa_key"
		echo "Skipping DSA Key Generation"
d47 1
a47 2
		umask 022
		/usr/bin/ssh-keygen -d -f /etc/ssh_host_dsa_key -N ''
d49 9
d62 4
a65 2
	if [ ! -f /etc/ssh_host_key -o ! -f /etc/ssh_host_dsa_key ]; then
		/etc/rc.d/sshd keygen
a67 3

keygen_cmd=sshd_keygen
start_precmd=sshd_precmd
@


1.1.1.1
log
@Import the NetBSD 1.5 RC system.

Note that `rc' and `rc.shutdown' could not be imported because we already
have files with those names.
@
text
@@


1.1.1.2
log
@Sync with NetBSD's mainline.
@
text
@d3 1
a3 1
# $NetBSD: sshd,v 1.17 2002/04/29 05:55:06 lukem Exp $
d15 1
a15 1
required_files="/etc/ssh/sshd_config"
d20 3
a22 6
	(
	umask 022
	if [ -f /etc/ssh/ssh_host_key ]; then
		echo "You already have an RSA host key" \
		    "in /etc/ssh/ssh_host_key"
		echo "Skipping protocol version 1 RSA Key Generation"
d24 2
a25 2
		/usr/bin/ssh-keygen -t rsa1 -b 1024 \
		    -f /etc/ssh/ssh_host_key -N ''
d28 3
a30 4
	if [ -f /etc/ssh/ssh_host_dsa_key ]; then
		echo "You already have a DSA host key" \
		    "in /etc/ssh/ssh_host_dsa_key"
		echo "Skipping protocol version 2 DSA Key Generation"
d32 2
a33 1
		/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
a34 9

	if [ -f /etc/ssh/ssh_host_rsa_key ]; then
		echo "You already have a RSA host key" \
		    "in /etc/ssh/ssh_host_rsa_key"
		echo "Skipping protocol version 2 RSA Key Generation"
	else
		/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
	fi
	)
d39 2
a40 4
	if [ ! -f /etc/ssh/ssh_host_key -o \
	    ! -f /etc/ssh/ssh_host_dsa_key -o \
	    ! -f /etc/ssh/ssh_host_rsa_key ]; then
		run_rc_command keygen
@

