summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore2
-rw-r--r--configure.ac2
-rw-r--r--docs/defconfig.md4
-rw-r--r--services/Makemodule.am1
-rw-r--r--services/sshd.in5
-rw-r--r--services/sshd_keygen.in14
6 files changed, 28 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
index 914f9ec..5c14884 100644
--- a/.gitignore
+++ b/.gitignore
@@ -36,6 +36,8 @@ services/hostapd
services/swclock
services/swclocksave
services/nft
+services/sshd
+services/sshd_keygen
scripts/devfs.sh
scripts/ifrename.sh
diff --git a/configure.ac b/configure.ac
index d2125fb..99e4b2d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -73,6 +73,8 @@ AC_CONFIG_FILES([services/hostapd])
AC_CONFIG_FILES([services/swclock])
AC_CONFIG_FILES([services/swclocksave])
AC_CONFIG_FILES([services/nft])
+AC_CONFIG_FILES([services/sshd])
+AC_CONFIG_FILES([services/sshd_keygen])
AC_CONFIG_FILES([scripts/devfs.sh])
AC_CONFIG_FILES([scripts/ifrename.sh])
AC_CONFIG_FILES([scripts/ifcfg.sh])
diff --git a/docs/defconfig.md b/docs/defconfig.md
index af01375..10263ba 100644
--- a/docs/defconfig.md
+++ b/docs/defconfig.md
@@ -104,3 +104,7 @@ For the shutdown and reboot targets, the following services are executed:
restores a somewhat usable time from a file during boot.
* swclocksave - For systems that don't have a hardware clock, this service
saves the current time to a file during shutdown or reboot.
+ * sshd_keygen - A wait type service that generates host keys for the OpenSSH
+ server and then disables itself.
+ * sshd - Starts an OpenSSH server after the network pseudo service and after
+ the sshd_keygen service.
diff --git a/services/Makemodule.am b/services/Makemodule.am
index 5b12ca4..0843787 100644
--- a/services/Makemodule.am
+++ b/services/Makemodule.am
@@ -8,6 +8,7 @@ init_DATA += services/dhcpcd services/dhcpcdmaster services/unbound
init_DATA += services/dnsmasq services/ifdown services/modules
init_DATA += services/network services/hostapd services/swclock
init_DATA += services/swclocksave services/nft services/sigkill
+init_DATA += services/sshd services/sshd_keygen
if USYSLOGD
init_DATA += services/usyslogd
diff --git a/services/sshd.in b/services/sshd.in
new file mode 100644
index 0000000..a6292bc
--- /dev/null
+++ b/services/sshd.in
@@ -0,0 +1,5 @@
+description "OpenSSH server"
+type respawn limit 5
+target boot
+after network sshd_keygen
+exec "@SBINPATH@/sshd" -D
diff --git a/services/sshd_keygen.in b/services/sshd_keygen.in
new file mode 100644
index 0000000..6425e63
--- /dev/null
+++ b/services/sshd_keygen.in
@@ -0,0 +1,14 @@
+description "OpenSSH server - generate host keys"
+type wait
+target boot
+after network
+tty /dev/null
+exec {
+ mkdir -p "@ETCPATH@/ssh/"
+
+ ssh-keygen -f "@ETCPATH@/ssh/host_rsa_key" -N "" -t rsa
+ ssh-keygen -f "@ETCPATH@/ssh/host_ecdsa_key" -N "" -t ecdsa
+ ssh-keygen -f "@ETCPATH@/ssh/host_ed25519_key" -N "" -t ed25519
+
+ service disable sshd_keygen
+}