FreeBSD Port: openssh-3.6.1
Oliver Eikemeier
eikemeier at fillmore-labs.com
Fri Sep 19 05:11:19 PDT 2003
Dirk Meyer wrote:
> you can preview OpenSSH 3.7.1 the port at:
> http://people.freebsd.org/~dinoex/ports/openssh-portable-371/
>
> but there are a lot of changes. E.g. No Kerberos 4 any more.
Hi Dirk,
thanks for the great work. How about a rcNG script for sshd?
* Makefile:
USE_RC_SUBR= yes
...
post-configure:
${SED} -e 's:__PREFIX__:${PREFIX}:g' \
-e 's:__ETCSSH__:${ETCSSH}:g' \
-e 's:__RC_SUBR__:${RC_SUBR}:g' \
${FILESDIR}/sshd.sh > ${WRKSRC}/sshd.sh
...
post-install:
.if !defined(OPENSSH_OVERWRITE_BASE)
${INSTALL_SCRIPT} ${WRKSRC}/sshd.sh ${PREFIX}/etc/rc.d/sshd.sh
.endif
and tell users to do
echo 'enable_sshd_portable="YES"' >> /etc/rc.conf
if they want to enable sshd.
* replace files/sshd.sh by:
--- sshd.sh begins here ---
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: sshd
# REQUIRE: LOGIN
# KEYWORD: FreeBSD
. __RC_SUBR__
name="sshd_portable"
rcvar=`set_rcvar`
command="__PREFIX__/sbin/sshd"
pidfile="/var/run/sshd.pid"
required_files="__ETCSSH__/sshd_config"
start_precmd="sshd_precmd"
keygen_cmd="sshd_keygen"
extra_commands="keygen reload"
sshd_keygen()
{
(
umask 022
# Can't do anything if ssh is not installed
[ -x __PREFIX__/bin/ssh-keygen ] || {
warn "__PREFIX__/bin/ssh-keygen does not exist."
return 1
}
if [ -f __ETCSSH__/ssh_host_key ]; then
echo "You already have an RSA host key" \
"in __ETCSSH__/ssh_host_key"
echo "Skipping protocol version 1 RSA Key Generation"
else
__PREFIX__/bin/ssh-keygen -t rsa1 -b 1024 \
-f __ETCSSH__/ssh_host_key -N ''
fi
if [ -f __ETCSSH__/ssh_host_dsa_key ]; then
echo "You already have a DSA host key" \
"in __ETCSSH__/ssh_host_dsa_key"
echo "Skipping protocol version 2 DSA Key Generation"
else
__PREFIX__/bin/ssh-keygen -t dsa -f __ETCSSH__/ssh_host_dsa_key -N ''
fi
if [ -f __ETCSSH__/ssh_host_rsa_key ]; then
echo "You already have a RSA host key" \
"in __ETCSSH__/ssh_host_rsa_key"
echo "Skipping protocol version 2 RSA Key Generation"
else
__PREFIX__/bin/ssh-keygen -t rsa -f __ETCSSH__/ssh_host_rsa_key -N ''
fi
)
}
sshd_precmd()
{
if [ ! -f __ETCSSH__/ssh_host_key -o \
! -f __ETCSSH__/ssh_host_dsa_key -o \
! -f __ETCSSH__/ssh_host_rsa_key ]; then
run_rc_command keygen
fi
}
sshd_portable_enable=${sshd_portable_enable:-"NO"}
load_rc_config $name
run_rc_command "$1"
--- sshd.sh ends here ---
(stolen from /etc/rc.d/sshd)
* and maybe remove
%%NOTBASE%%@exec if [ ! -f %D/etc/ssh/ssh_host_key ]; then echo ">> Generating a secret RSA1 host key."; %D/bin/ssh-keygen -t rsa1 -N "" -f %D/etc/ssh/ssh_host_key; fi
%%NOTBASE%%@exec if [ ! -f %D/etc/ssh/ssh_host_rsa_key ]; then echo ">> Generating a secret RSA host key."; %D/bin/ssh-keygen -t rsa -N "" -f %D/etc/ssh/ssh_host_rsa_key; fi
%%NOTBASE%%@exec if [ ! -f %D/etc/ssh/ssh_host_dsa_key ]; then echo ">> Generating a secret DSA host key."; %D/bin/ssh-keygen -t dsa -N "" -f %D/etc/ssh/ssh_host_dsa_key; fi
from pkg-plist.
%%NOTBASE%%@exec %D/etc/rc.d/sshd.sh keygen
probably won't work, because you are missing the enable_sshd_portable="YES".
I changed sshd to sshd_portable in order to not collide with sshd from the base system.
Sorry that I didn't had the time to test.
Regards
Oliver
More information about the freebsd-ports
mailing list