-rw-r--r-- | Makefile.am | 1 | ||||
-rw-r--r-- | debian/vyatta-cfg-system.postinst.in | 21 | ||||
-rw-r--r-- | sysconf/default_ssh | 1 | ||||
-rw-r--r-- | templates/service/ssh/node.def | 14 | ||||
-rw-r--r-- | templates/service/ssh/port/node.def | 3 | ||||
-rw-r--r-- | templates/service/ssh/protocol-version/node.def | 3 |
6 files changed, 35 insertions, 8 deletions
diff --git a/Makefile.am b/Makefile.am
index afaaf6b0..b1681763 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -19,6 +19,7 @@ sysconf_DATA += sysconf/hosts
 sysconf_DATA += sysconf/logrotate_messages
 sysconf_DATA += sysconf/motd.tail
 sysconf_DATA += sysconf/syslog.conf
+sysconf_DATA += sysconf/default_ssh
 
 cpiop = find . ! -regex '\(.*~\|.*\.bak\|.*\.swp\|.*\#.*\#\)' -print0 | \
 cpio -0pd
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index 3d02ded9..a84d41bd 100644
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -7,7 +7,9 @@ bindir=@bindir@
 sbindir=@sbindir@
 
 # remove init of daemons that we start/stop
-update-rc.d -f ntp remove >/dev/null
+for init in ntp ssh; do
+ update-rc.d -f ${init} remove >/dev/null
+done
 
 # create symlinks
 for bb in telnetd telnet tftp ftpget ftpput; do
@@ -15,18 +17,21 @@ for bb in telnetd telnet tftp ftpget ftpput; do
 done
 ln -sf ${bindir}/progress-indicator /usr/bin/progress-indicator
 
-# remove the config files
-for conf in hosts motd.tail ntp.conf syslog.conf logrotate.d/messages; do
- [ -f /etc/$conf ] && \
- ( mv /etc/$conf /etc/$conf.vyatta-save && touch /etc/$conf );
-done
-
-# use our config files
 if [ "$sysconfdir" != "/etc" ]; then
+ # remove the config files
+ for conf in hosts motd.tail ntp.conf syslog.conf logrotate.d/messages \
+ default/ssh ssh/ssh_host_key
+ do
+ [ -f /etc/$conf ] && \
+ ( mv /etc/$conf /etc/$conf.vyatta-save && touch /etc/$conf );
+ done
+
+ # use our config files
 for conf in hosts motd.tail syslog.conf; do
 cp $sysconfdir/$conf /etc/$conf
 done
 cp $sysconfdir/logrotate_messages /etc/logrotate.d/messages
+ cp $sysconfdir/default_ssh /etc/default/ssh
 fi
 
 # update crontab for logrotate
diff --git a/sysconf/default_ssh b/sysconf/default_ssh
new file mode 100644
index 00000000..bbdf535d
--- /dev/null
+++ b/sysconf/default_ssh
@@ -0,0 +1 @@
+SSHD_OPTS=
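Review bot: In the second hunk of debian/vyatta-cfg-system.postinst.in, adding `ssh/ssh_host_key` to the save loop leaves an empty `/etc/ssh/ssh_host_key` behind, because the loop body runs `touch /etc/$conf` after the `mv`. The `end:` action added in templates/service/ssh/node.def generates a key only when `[ -f /etc/ssh/ssh_host_key ]` is false, and `-f` is true for an empty file, so on a system that already had a host key sshd appears to end up pointed at an empty key file with no new key generated. Handle the key outside the loop and without the `touch`, for example `[ -f /etc/ssh/ssh_host_key ] && mv /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.vyatta-save`, or make the template test `[ -s /etc/ssh/ssh_host_key ]`. Because a postinst normally runs again on upgrade, each upgrade would presumably also overwrite the earlier `.vyatta-save` copy and change the host key, which gets operators used to accepting host-key-changed warnings.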
diff --git a/templates/service/ssh/node.def b/templates/service/ssh/node.def
new file mode 100644
index 00000000..df868743
--- /dev/null
+++ b/templates/service/ssh/node.def
@@ -0,0 +1,14 @@
+help: "Enable/disable SSH protocol"
+delete: "/usr/sbin/invoke-rc.d ssh stop; echo 'SSHD_OPTS=' > /etc/default/ssh"
+end: "if [ -z \"$(port/@)\" ]; then exit 0; fi; \
+ [ -f /etc/ssh/ssh_host_key ] \
+ || ssh-keygen -t rsa1 -N '' -f /etc/ssh/ssh_host_key; \
+ case \"$(protocol-version/@)\" in \
+ v2) VER=2;; \
+ v1) VER=1;; \
+ all) VER=\"1,2\";; \
+ *) VER=2;; \
+ esac; \
+ echo 'SSHD_OPTS=\"-p $(port/@) -o HostKey=/etc/ssh/ssh_host_key \
+-o Protocol='\\\$VER\\\" > /etc/default/ssh; \
+ /usr/sbin/invoke-rc.d ssh restart"
diff --git a/templates/service/ssh/port/node.def b/templates/service/ssh/port/node.def
new file mode 100644
index 00000000..ae388cc9
--- /dev/null
+++ b/templates/service/ssh/port/node.def
@@ -0,0 +1,3 @@
+type: u32
+default: 22
+help: "Port for SSH service"
diff --git a/templates/service/ssh/protocol-version/node.def b/templates/service/ssh/protocol-version/node.def
new file mode 100644
index 00000000..ccf98c74
--- /dev/null
+++ b/templates/service/ssh/protocol-version/node.def
@@ -0,0 +1,3 @@
+type: txt
+default: "v2"
+help: "SSH version" |
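Review bot: The `end:` action in templates/service/ssh/node.def generates only an `rsa1` key (`ssh-keygen -t rsa1`) and passes it as the sole `-o HostKey=`, although the default `protocol-version` is `v2`; an rsa1 key is usable for SSH protocol 1 only, so protocol 2 would depend on host keys named in sshd_config, which this diff does not show. The `v1` and `all` arms additionally turn on SSH protocol 1, which has known cryptographic weaknesses and should be an explicit legacy choice rather than an equal option. For the `v2` path generate and pass a protocol-2 key as well, e.g. `[ -f /etc/ssh/ssh_host_rsa_key ] || ssh-keygen -t rsa -N '' -f /etc/ssh/ssh_host_rsa_key; \` plus a second `-o HostKey=/etc/ssh/ssh_host_rsa_key` in `SSHD_OPTS`.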
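Review bot: In templates/service/ssh/port/node.def, `type: u32` accepts 0 and values above 65535, and the parent node's `end:` action writes the value into `SSHD_OPTS` as `-p $(port/@)` before restarting sshd. An out-of-range port would presumably make the restart fail and leave the system without remote management until someone fixes it from the console. Add a range constraint to the template, along the lines of `syntax: $(@) > 0 && $(@) <= 65535; "Port must be between 1 and 65535"` (confirm the exact expression form against the other templates in this tree).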
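Review bot: In templates/service/ssh/protocol-version/node.def, `type: txt` with no constraint accepts any string, and the parent `end:` action places `$(protocol-version/@)` inside a double-quoted shell `case` word. If the configuration backend substitutes the value textually before running that command as root, quotes or command substitutions in the value would be interpreted by the shell; how references are expanded is not visible here and should be confirmed. Unknown values are also silently mapped to protocol 2 by the `*)` arm instead of being rejected at commit time. Restrict the value in the template, e.g. `syntax: $(@) in "v1", "v2", "all"; "protocol-version must be v1, v2 or all"`.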