Diffstat (limited to 'etc/sshd')
-rwxr-xr-x | etc/sshd | 32 |
1 files changed, 32 insertions, 0 deletions
@@ -77,6 +77,31 @@ $sshConfigDir = "/etc/ssh";
+ if($config['system']['ssh']['port'] <> "") {
+ $sshport = $config['system']['ssh']['port'];
+ } else {
+ $sshport = 22;
+ }
+
+ /* Include default configuration for pfSense */
+ $sshconf = "# This file is automatically generated at startup\n";
+ $sshconf .= "PermitRootLogin yes\n";
+ $sshconf .= "Compression yes\n";
+ $sshconf .= "ClientAliveInterval 30\n";
+ $sshconf .= "UseDNS no\n";
+ $sshconf .= "X11Forwarding no\n";
+ $sshconf .= "# override default of no subsystems\n";
+ $sshconf .= "Subsystem sftp /usr/libexec/sftp-server\n";
+ /* Only allow protocol 2, because we say so */
+ $sshconf .= "Protocol 2\n";
+ /* Run the server on another port if we have one defined */
+ $sshconf .= "Port $sshport\n";
+
+ /* Write the new sshd config file */
+ $fd = fopen("/etc/ssh/sshd_config", "w");
+ fwrite($fd, $sshconf);
+ pclose($fd);
+ /* mop up from a badly implemented ssh keys -> cf backup */ if($config['ssh']['dsa_key'] <> "") { unset($config['ssh']['dsa_key']);
@@ -108,6 +133,13 @@ echo "Starting SSH... "; }
+ /* kill existing sshd process, server only, not the childs */
+ $sshd_pid = exec("ps ax | egrep '/usr/sbin/[s]shd' | awk '{print $1}'");
+ if($sshd_pid <> "") {
+ echo "stopping ssh process $sshd_pid \n";
+ mwexec("kill $sshd_pid");
+ }
+ /* Launch new server process */ $status = mwexec("/usr/sbin/sshd"); if($status <> 0) { file_notice("sshd_startup", "SSHD failed to start.", "SSHD Daemon", ""); |
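Review bot: In the first hunk `$sshport` is copied from `$config['system']['ssh']['port']` into the generated file as `Port $sshport` without validation, so a non-numeric value or one containing a newline would yield a broken sshd_config or extra directives in a file that also sets `PermitRootLogin yes`. Cast and range-check it before use, e.g. `$sshport = (int)$config['system']['ssh']['port']; if($sshport < 1 || $sshport > 65535) $sshport = 22;`. The write at the end of the hunk never checks the result of `fopen()` and closes the handle with `pclose()`, which is intended for `popen()` handles; `if($fd) { fwrite($fd, $sshconf); fclose($fd); }` is the expected form, with a `file_notice()` like the one used for startup failure when the open fails. The enclosing script starts and ends outside this hunk, so whether the port is validated where it is saved cannot be seen from here.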
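Review bot: In the second hunk `exec()` returns only the last line of the pipeline's output, so when more than one `/usr/sbin/sshd` master process matches, a single pid is killed and any other keeps its listening socket on the old configuration. Collect every line through the second argument, `exec("ps ax | egrep '/usr/sbin/[s]shd' | awk '{print $1}'", $sshd_pids);`, and issue `kill` for each entry only after `ctype_digit()` confirms it is a pid, since the value is interpolated into a shell command. `kill` also returns before the old daemon has exited, so the `mwexec("/usr/sbin/sshd")` that follows may fail to bind and raise the "SSHD failed to start." notice; this is inferred, because the rest of the startup block lies outside the hunk.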