Add service files for OpenSSH server

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-31 21:28:28 +02:00 · 2018-08-31 21:28:28 +02:00 · bb16d1f1bf
parent f39aba8aa3
commit bb16d1f1bf
6 changed files with 28 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -36,6 +36,8 @@ services/hostapd
 services/swclock
 services/swclocksave
 services/nft
+services/sshd
+services/sshd_keygen

 scripts/devfs.sh
 scripts/ifrename.sh
--- a/configure.ac
+++ b/configure.ac
@ -73,6 +73,8 @@ AC_CONFIG_FILES([services/hostapd])
 AC_CONFIG_FILES([services/swclock])
 AC_CONFIG_FILES([services/swclocksave])
 AC_CONFIG_FILES([services/nft])
+AC_CONFIG_FILES([services/sshd])
+AC_CONFIG_FILES([services/sshd_keygen])
 AC_CONFIG_FILES([scripts/devfs.sh])
 AC_CONFIG_FILES([scripts/ifrename.sh])
 AC_CONFIG_FILES([scripts/ifcfg.sh])
--- a/docs/defconfig.md
+++ b/docs/defconfig.md
@ -104,3 +104,7 @@ For the shutdown and reboot targets, the following services are executed:
   restores a somewhat usable time from a file during boot.
 * swclocksave - For systems that don't have a hardware clock, this service
   saves the current time to a file during shutdown or reboot.
+ * sshd_keygen - A wait type service that generates host keys for the OpenSSH
+   server and then disables itself.
+ * sshd - Starts an OpenSSH server after the network pseudo service and after
+   the sshd_keygen service.
--- a/services/Makemodule.am
+++ b/services/Makemodule.am
@ -8,6 +8,7 @@ init_DATA += services/dhcpcd services/dhcpcdmaster services/unbound
 init_DATA += services/dnsmasq services/ifdown services/modules
 init_DATA += services/network services/hostapd services/swclock
 init_DATA += services/swclocksave services/nft services/sigkill
+init_DATA += services/sshd services/sshd_keygen

 if USYSLOGD
 init_DATA += services/usyslogd
--- a/services/sshd.in
+++ b/services/sshd.in
@ -0,0 +1,5 @@
+description "OpenSSH server"
+type respawn limit 5
+target boot
+after network sshd_keygen
+exec "@SBINPATH@/sshd" -D
--- a/services/sshd_keygen.in
+++ b/services/sshd_keygen.in
@ -0,0 +1,14 @@
+description "OpenSSH server - generate host keys"
+type wait
+target boot
+after network
+tty /dev/null
+exec {
+	mkdir -p "@ETCPATH@/ssh/"
+
+	ssh-keygen -f "@ETCPATH@/ssh/host_rsa_key" -N "" -t rsa
+	ssh-keygen -f "@ETCPATH@/ssh/host_ecdsa_key" -N "" -t ecdsa
+	ssh-keygen -f "@ETCPATH@/ssh/host_ed25519_key" -N "" -t ed25519
+
+	service disable sshd_keygen
+}