Diffstat (limited to 'etc/sshd')
-rwxr-xr-x | etc/sshd | 35 |
1 files changed, 19 insertions, 16 deletions
@@ -60,21 +60,22 @@ } /* restore ssh data for nanobsd platform */ - if($g['platform'] == "nanobsd" and file_exists("/conf/sshd/ssh_host_key") and !file_exists("{$sshConfigDir}/ssh_host_key.pub")) { + if ($g['platform'] == "nanobsd" and file_exists("/conf/sshd/ssh_host_key") and !file_exists("{$sshConfigDir}/ssh_host_key.pub")) { echo "Restoring SSH from /conf/sshd/"; exec("/bin/cp -p /conf/sshd/* {$sshConfigDir}/"); /* make sure host private key permissions aren't too open so sshd won't complain */ - foreach($keyfiles as $f2c) { - if(file_exists("{$sshConfigDir}/{$f2c}")) + foreach ($keyfiles as $f2c) { + if (file_exists("{$sshConfigDir}/{$f2c}")) { chmod("{$sshConfigDir}/{$f2c}", 0600); + } } } /* if any of these files are 0 bytes then they are corrupted. * remove them */ - foreach($keyfiles as $f2c) { + foreach ($keyfiles as $f2c) { if (!file_exists("{$sshConfigDir}/{$f2c}") || filesize("{$sshConfigDir}/{$f2c}") == 0) { /* Make sure we remove both files */ unlink_if_exists($sshConfigDir . '/' . basename($f2c, ".pub")); @@ -87,15 +88,16 @@ mkdir("/var/empty", 0555); } - if(!file_exists("/var/log/lastlog")) { + if (!file_exists("/var/log/lastlog")) { /* Login related files. */ @touch("/var/log/lastlog"); } - if (is_array($config['system']['ssh']) && !empty($config['system']['ssh']['port'])) + if (is_array($config['system']['ssh']) && !empty($config['system']['ssh']['port'])) { $sshport = $config['system']['ssh']['port']; - else + } else { $sshport = 22; + } /* Include default configuration for pfSense */ $sshconf = "# This file is automatically generated at startup\n"; @@ -124,7 +126,7 @@ $sshconf .= "Port $sshport\n"; /* Hide FreeBSD version */ $sshconf .= "VersionAddendum \n"; - + /* Apply package SSHDCond settings if config file exists */ if (file_exists("/etc/sshd_extra")) { $fdExtra = fopen("/etc/sshd_extra", 'r'); 
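Review bot: In the `@@ -87` hunk, `$sshport` is taken from `$config['system']['ssh']['port']` after only an `!empty()` test, and the `@@ -124` hunk shows it written verbatim into `"Port $sshport\n"`. Nothing visible here confirms the value is an integer in the port range, so a malformed or multi-line value would land in the generated sshd_config as extra text; validation may happen where the setting is saved, but this script does not show it. Inside the existing branch I would use `$p = filter_var($config['system']['ssh']['port'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'max_range' => 65535)));` followed by `$sshport = ($p !== false) ? $p : 22;`. The enclosing code starts and ends outside the hunk.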
@@ -137,7 +139,7 @@ @file_put_contents("{$sshConfigDir}/sshd_config", $sshconf); /* mop up from a badly implemented ssh keys -> cf backup */ - if($config['ssh']['dsa_key'] <> "") { + if ($config['ssh']['dsa_key'] <> "") { unset($config['ssh']['dsa_key']); unset($config['ssh']['ecdsa_key']); unset($config['ssh']['ed25519_key']); @@ -151,16 +153,16 @@ } /* are we already running? if so exit */ - if(is_subsystem_dirty('sshdkeys')) { + if (is_subsystem_dirty('sshdkeys')) { unset($keys, $keyfiles); return; } - + // Check for all needed key files. If any are missing, the keys need to be regenerated. $generate_keys = array(); foreach ($keys as $key) { if (!file_exists("{$sshConfigDir}/ssh_host_{$key['suffix']}key") || - !file_exists("{$sshConfigDir}/ssh_host_{$key['suffix']}key.pub")) { + !file_exists("{$sshConfigDir}/ssh_host_{$key['suffix']}key.pub")) { $generate_keys[] = $key; } } @@ -179,13 +181,13 @@ /* kill existing sshd process, server only, not the childs */ $sshd_pid = exec("ps ax | egrep '/usr/sbin/[s]shd' | awk '{print $1}'"); - if($sshd_pid <> "") { + if ($sshd_pid <> "") { echo "stopping ssh process $sshd_pid \n"; @posix_kill($sshd_pid, SIGTERM); } /* Launch new server process */ $status = mwexec("/usr/sbin/sshd"); - if($status <> 0) { + if ($status <> 0) { file_notice("sshd_startup", "SSHD failed to start.", "SSHD Daemon", ""); echo "error!\n"; } else { @@ -193,9 +195,10 @@ } // NanoBSD - if($g['platform'] == "nanobsd") { - if(!is_dir("/conf/sshd")) + if ($g['platform'] == "nanobsd") { + if (!is_dir("/conf/sshd")) { mkdir("/conf/sshd", 0750); + } $_gb = exec("/bin/cp -p {$sshConfigDir}/ssh_host* /conf/sshd"); } conf_mount_ro(); |
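Review bot: The first context line of the `@@ -137` hunk, `@file_put_contents("{$sshConfigDir}/sshd_config", $sshconf);`, discards a failed write, and the later hunks go on to restart sshd regardless. If the write fails, the daemon comes back up on whatever sshd_config was already on disk, which may not carry the port or settings just assembled. I would check the result, e.g. `if (file_put_contents("{$sshConfigDir}/sshd_config", $sshconf) === false) { file_notice("sshd_startup", "Could not write sshd_config.", "SSHD Daemon", ""); }`, and decide there whether the restart should still happen. The surrounding code extends beyond the hunk.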
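Review bot: In the `@@ -179` hunk the server PID is scraped from `ps ax` text, and PHP's `exec()` returns only the last output line, so if more than one process matches the pattern only one of them is signalled. The `@` on `posix_kill` also hides a failed stop, and the new `/usr/sbin/sshd` is launched immediately afterwards with no visible wait for the old listener to exit. Consider casting and checking the call, `if (!posix_kill((int)$sshd_pid, SIGTERM)) { echo "could not stop sshd $sshd_pid\n"; }`, or reading the PID from sshd's pid file if this configuration writes one. The enclosing code continues outside the hunk.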