automatic version update by autodist [release 9.9p1-1mamba;Sun Sep 22 2024]
This commit is contained in:
parent
c6a4266b7a
commit
73c8bea57b
@ -1,86 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
#RSA1_KEY=/etc/ssh/ssh_host_key
|
||||
RSA_KEY=/etc/ssh/ssh_host_rsa_key
|
||||
DSA_KEY=/etc/ssh/ssh_host_dsa_key
|
||||
ECDSA_KEY=/etc/ssh/ssh_host_ecdsa_key
|
||||
ED25519_KEY=/etc/ssh/ssh_host_ed25519_key
|
||||
|
||||
KEYGEN=/usr/bin/ssh-keygen
|
||||
|
||||
#function do_rsa1_keygen
|
||||
#{
|
||||
# if [ ! -s $RSA1_KEY ]; then
|
||||
# echo -n $"Generating SSH1 RSA host key: "
|
||||
# if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
|
||||
# chmod 600 $RSA1_KEY
|
||||
# chmod 644 $RSA1_KEY.pub
|
||||
# else
|
||||
# echo $"RSA1 key generation failed!"
|
||||
# exit 1
|
||||
# fi
|
||||
# fi
|
||||
#}
|
||||
|
||||
function do_rsa_keygen
|
||||
{
|
||||
if [ ! -s $RSA_KEY ]; then
|
||||
echo -n $"Generating SSH2 RSA host key: "
|
||||
if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
|
||||
chmod 600 $RSA_KEY
|
||||
chmod 644 $RSA_KEY.pub
|
||||
else
|
||||
echo $"RSA key generation failed!"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
function do_dsa_keygen
|
||||
{
|
||||
if [ ! -s $DSA_KEY ]; then
|
||||
echo -n $"Generating SSH2 DSA host key: "
|
||||
if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
|
||||
chmod 600 $DSA_KEY
|
||||
chmod 644 $DSA_KEY.pub
|
||||
else
|
||||
echo $"DSA key generation failed!"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
function do_ecdsa_keygen
|
||||
{
|
||||
if [ ! -s $ECDSA_KEY ]; then
|
||||
echo -n $"Generating SSH2 ECDSA host key: "
|
||||
if $KEYGEN -q -t ecdsa -f $ECDSA_KEY -C '' -N '' >&/dev/null; then
|
||||
chmod 600 $ECDSA_KEY
|
||||
chmod 644 $ECDSA_KEY.pub
|
||||
else
|
||||
failure $"ECDSA key generation failed!"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
function do_ed25519_keygen
|
||||
{
|
||||
if [ ! -s $ED25519_KEY ]; then
|
||||
echo -n $"Generating SSH2 ED25519 host key: "
|
||||
if $KEYGEN -q -t ed25519 -f $ED25519_KEY -C '' -N '' >&/dev/null; then
|
||||
chmod 600 $ED25519_KEY
|
||||
chmod 644 $ED25519_KEY.pub
|
||||
else
|
||||
failure $"ED25519 key generation failed!"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Create keys if necessary
|
||||
do_rsa_keygen
|
||||
do_dsa_keygen
|
||||
do_ecdsa_keygen
|
||||
do_ed25519_keygen
|
||||
exit 0
|
||||
@ -1,12 +1,12 @@
|
||||
[Unit]
|
||||
Description=OpenSSH server daemon
|
||||
After=syslog.target network.target auditd.service
|
||||
Wants=sshdgenkeys.service
|
||||
After=sshdgenkeys.service
|
||||
After=auditd.service network.target
|
||||
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
|
||||
|
||||
[Service]
|
||||
EnvironmentFile=-/etc/sysconfig/ssh
|
||||
#ExecStartPre=/usr/bin/test -c /dev/null
|
||||
ExecStartPre=/usr/bin/ssh-makecerts
|
||||
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
KillMode=process
|
||||
|
||||
@ -1,10 +1,10 @@
|
||||
[Unit]
|
||||
Description=OpenSSH per-connection server daemon
|
||||
After=auditd.service
|
||||
Wants=sshdgenkeys.service
|
||||
After=sshdgenkeys.service
|
||||
After=auditd.service network.target
|
||||
|
||||
[Service]
|
||||
EnvironmentFile=-/etc/sysconfig/ssh
|
||||
#ExecStartPre=/usr/bin/test -c /dev/null
|
||||
ExecStartPre=/usr/bin/ssh-makecerts
|
||||
ExecStart=-/usr/sbin/sshd -i $SSHD_OPTS
|
||||
StandardInput=socket
|
||||
|
||||
12
openssh-sshdgenkeys.service
Normal file
12
openssh-sshdgenkeys.service
Normal file
@ -0,0 +1,12 @@
|
||||
[Unit]
|
||||
Description=SSH Key Generation
|
||||
ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
|
||||
ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub
|
||||
ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
|
||||
ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub
|
||||
ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
|
||||
ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub
|
||||
|
||||
[Service]
|
||||
ExecStart=/usr/bin/ssh-keygen -A
|
||||
Type=oneshot
|
||||
47
openssh.spec
47
openssh.spec
@ -6,7 +6,7 @@
|
||||
%define with_selinux 0
|
||||
|
||||
Name: openssh
|
||||
Version: 9.8p1
|
||||
Version: 9.9p1
|
||||
Release: 1mamba
|
||||
Summary: OpenSSH free Secure Shell (SSH) implementation
|
||||
Group: Network/Security
|
||||
@ -16,7 +16,7 @@ Packager: Silvan Calarco <silvan.calarco@mambasoft.it>
|
||||
URL: https://www.openssh.com/
|
||||
Source0: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
||||
Source1: openssh-pamdconf
|
||||
Source2: openssh-sshd-makecerts
|
||||
Source2: openssh-sshdgenkeys.service
|
||||
Source3: openssh-sshd.service
|
||||
Source4: openssh-sshd@.service
|
||||
Source5: openssh-sshd.socket
|
||||
@ -168,7 +168,7 @@ install -d %{buildroot}%{_sysconfdir}/{ssh,pam.d}
|
||||
%makeinstall
|
||||
|
||||
install -D -m 600 %{S:1} %{buildroot}%{_sysconfdir}/pam.d/sshd
|
||||
install -D -m 755 %{SOURCE2} %{buildroot}%{_bindir}/ssh-makecerts
|
||||
install -D -m 755 %{SOURCE2} %{buildroot}%{_unitdir}/sshdgenkeys.service
|
||||
install -D -m 644 %{SOURCE3} %{buildroot}%{_unitdir}/sshd.service
|
||||
install -D -m 644 %{SOURCE4} %{buildroot}%{_unitdir}/sshd@.service
|
||||
install -D -m 644 %{SOURCE5} %{buildroot}%{_unitdir}/sshd.socket
|
||||
@ -206,15 +206,12 @@ fi
|
||||
/usr/sbin/groupadd sshd -g %{groupid} 2>/dev/null || :
|
||||
/usr/sbin/useradd -u %{userid} -g sshd -c 'ssh daemon' -d /var/empty \
|
||||
-s /bin/false sshd 2>/dev/null
|
||||
exit 0
|
||||
:
|
||||
|
||||
%post server
|
||||
if [ $1 -eq 1 ]; then
|
||||
# new install
|
||||
%{_bindir}/ssh-makecerts
|
||||
# /sbin/chkconfig --add sshd
|
||||
# service sshd start
|
||||
fi
|
||||
%systemd_post sshdgenkeys.service
|
||||
%systemd_post sshd.socket
|
||||
|
||||
if [ $1 -gt 1 ]; then
|
||||
# update
|
||||
sed -i 's/#X11Forwarding no/X11Forwarding yes/' \
|
||||
@ -222,32 +219,23 @@ if [ $1 -gt 1 ]; then
|
||||
grep "AcceptEnv" %{_sysconfdir}/ssh/sshd_config >/dev/null || \
|
||||
echo " AcceptEnv LANG LC_*" >> %{_sysconfdir}/ssh/sshd_config
|
||||
fi
|
||||
exit 0
|
||||
|
||||
%posttrans server
|
||||
systemctl -q daemon-reload
|
||||
systemctl -q enable sshd.socket
|
||||
systemctl -q start sshd.socket
|
||||
exit 0
|
||||
:
|
||||
|
||||
%preun server
|
||||
if [ $1 -eq 0 ]; then
|
||||
# erase
|
||||
systemctl -q stop sshd.socket
|
||||
systemctl -q disable sshd.socket
|
||||
fi
|
||||
exit 0
|
||||
%systemd_preun sshdgenkeys.service
|
||||
%systemd_preun sshd.socket
|
||||
:
|
||||
|
||||
%postun server
|
||||
systemctl -q daemon-reload
|
||||
exit 0
|
||||
%systemd_postun_with_restart sshdgenkeys.service
|
||||
%systemd_postun sshd.socket
|
||||
:
|
||||
|
||||
%files common
|
||||
%defattr(-,root,root)
|
||||
%{_bindir}/ssh-copy-id
|
||||
%{_bindir}/ssh-keygen
|
||||
%{_bindir}/ssh-keyscan
|
||||
%{_bindir}/ssh-makecerts
|
||||
%{_libexecdir}/openssh/ssh-keysign
|
||||
%{_libexecdir}/openssh/ssh-pkcs11-helper
|
||||
%{_libexecdir}/openssh/ssh-sk-helper
|
||||
@ -279,6 +267,7 @@ exit 0
|
||||
%config(noreplace) %{_sysconfdir}/ssh/moduli
|
||||
%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/ssh/sshd_config
|
||||
%{_sbindir}/sshd
|
||||
%{_unitdir}/sshdgenkeys.service
|
||||
%{_unitdir}/sshd.service
|
||||
%{_unitdir}/sshd.socket
|
||||
%{_unitdir}/sshd@.service
|
||||
@ -296,6 +285,12 @@ exit 0
|
||||
%{_libexecdir}/openssh/ssh-askpass
|
||||
|
||||
%changelog
|
||||
* Sun Sep 22 2024 Automatic Build System <autodist@openmamba.org> 9.9p1-1mamba
|
||||
- automatic version update by autodist
|
||||
|
||||
* Sat Sep 21 2024 Silvan Calarco <silvan.calarco@mambasoft.it> 9.8p1-2mamba
|
||||
- replace old ssh-makecerts with sshdgenkeys service
|
||||
|
||||
* Sat Jul 06 2024 Automatic Build System <autodist@openmamba.org> 9.8p1-1mamba
|
||||
- automatic version update by autodist
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user