Date: Fri, 19 Sep 2003 14:11:16 +0200 From: Oliver Eikemeier <eikemeier@fillmore-labs.com> To: Dirk Meyer <dirk.meyer@dinoex.sub.org> Cc: ports@freebsd.org Subject: Re: FreeBSD Port: openssh-3.6.1 Message-ID: <3F6AF264.3070203@fillmore-labs.com> In-Reply-To: <UuwNaN5Dws@dmeyer.dinoex.sub.org> References: <a05200f22bb8f3d276060@[192.168.0.3]> <UuwNaN5Dws@dmeyer.dinoex.sub.org>
Dirk Meyer wrote:

> you can preview OpenSSH 3.7.1 the port at:
> http://people.freebsd.org/~dinoex/ports/openssh-portable-371/
>
> but there are a lot of changes. E.g. No Kerberos 4 any more.

Hi Dirk,

thanks for the great work. How about an rcNG script for sshd?

* Makefile:

USE_RC_SUBR= yes
...
post-configure:
	${SED} -e 's:__PREFIX__:${PREFIX}:g' \
		-e 's:__ETCSSH__:${ETCSSH}:g' \
		-e 's:__RC_SUBR__:${RC_SUBR}:g' \
		${FILESDIR}/sshd.sh > ${WRKSRC}/sshd.sh
...
post-install:
.if !defined(OPENSSH_OVERWRITE_BASE)
	${INSTALL_SCRIPT} ${WRKSRC}/sshd.sh ${PREFIX}/etc/rc.d/sshd.sh
.endif

and tell users to do

	echo 'enable_sshd_portable="YES"' >> /etc/rc.conf

if they want to enable sshd.

* replace files/sshd.sh by:

--- sshd.sh begins here ---
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: sshd
# REQUIRE: LOGIN
# KEYWORD: FreeBSD

. __RC_SUBR__

name="sshd_portable"
rcvar=`set_rcvar`
command="__PREFIX__/sbin/sshd"
pidfile="/var/run/sshd.pid"
required_files="__ETCSSH__/sshd_config"
start_precmd="sshd_precmd"
keygen_cmd="sshd_keygen"
extra_commands="keygen reload"

sshd_keygen()
{
	(
	umask 022

	# Can't do anything if ssh is not installed
	[ -x __PREFIX__/bin/ssh-keygen ] || {
		warn "__PREFIX__/bin/ssh-keygen does not exist."
		return 1
	}

	if [ -f __ETCSSH__/ssh_host_key ]; then
		echo "You already have an RSA host key" \
		    "in __ETCSSH__/ssh_host_key"
		echo "Skipping protocol version 1 RSA Key Generation"
	else
		__PREFIX__/bin/ssh-keygen -t rsa1 -b 1024 \
		    -f __ETCSSH__/ssh_host_key -N ''
	fi

	if [ -f __ETCSSH__/ssh_host_dsa_key ]; then
		echo "You already have a DSA host key" \
		    "in __ETCSSH__/ssh_host_dsa_key"
		echo "Skipping protocol version 2 DSA Key Generation"
	else
		__PREFIX__/bin/ssh-keygen -t dsa -f __ETCSSH__/ssh_host_dsa_key -N ''
	fi

	if [ -f __ETCSSH__/ssh_host_rsa_key ]; then
		echo "You already have a RSA host key" \
		    "in __ETCSSH__/ssh_host_rsa_key"
		echo "Skipping protocol version 2 RSA Key Generation"
	else
		__PREFIX__/bin/ssh-keygen -t rsa -f __ETCSSH__/ssh_host_rsa_key -N ''
	fi
	)
}

sshd_precmd()
{
	if [ ! -f __ETCSSH__/ssh_host_key -o \
	    ! -f __ETCSSH__/ssh_host_dsa_key -o \
	    ! -f __ETCSSH__/ssh_host_rsa_key ]; then
		run_rc_command keygen
	fi
}

sshd_portable_enable=${sshd_portable_enable:-"NO"}

load_rc_config $name
run_rc_command "$1"
--- sshd.sh ends here ---
(stolen from /etc/rc.d/sshd)

* and maybe remove

%%NOTBASE%%@exec if [ ! -f %D/etc/ssh/ssh_host_key ]; then echo ">> Generating a secret RSA1 host key."; %D/bin/ssh-keygen -t rsa1 -N "" -f %D/etc/ssh/ssh_host_key; fi
%%NOTBASE%%@exec if [ ! -f %D/etc/ssh/ssh_host_rsa_key ]; then echo ">> Generating a secret RSA host key."; %D/bin/ssh-keygen -t rsa -N "" -f %D/etc/ssh/ssh_host_rsa_key; fi
%%NOTBASE%%@exec if [ ! -f %D/etc/ssh/ssh_host_dsa_key ]; then echo ">> Generating a secret DSA host key."; %D/bin/ssh-keygen -t dsa -N "" -f %D/etc/ssh/ssh_host_dsa_key; fi

from pkg-plist.

%%NOTBASE%%@exec %D/etc/rc.d/sshd.sh keygen

probably won't work, because you are missing the enable_sshd_portable="YES".

I changed sshd to sshd_portable in order to not collide with sshd from the base system.

Sorry that I didn't have the time to test.

Regards
	Oliver