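#!/bin/sh
#----------------------------------------------------------------------------
# /var/install/bin/sshd-create_keys - create keys script for inet
#
# Copyright (c) 2001-2005 Ansgar Püster
#
# Creation:     18.07.2002  jh
# Last Update:  $Id$
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#----------------------------------------------------------------------------

# include eislib (provides clrhome, mecho and anykey used below)
. /var/install/include/eislib

# passphrase option
# set to '-N ""' for no passphrase
# set to ''      to ask for a passphrase
# Any value other than '-N ""' is treated as "ask for a passphrase", which
# matches the hint printed below. The value is no longer passed through
# eval, so it is never re-parsed as shell code.
# NOTE(review): sshd loads host keys unattended, so a passphrase-protected
# host key is presumably not usable by the daemon - confirm before changing.
option='-N ""'

# remove option
# set to 'yes' to remove keyfile before recreation
# set to ''    to ask the user
remove='yes'

#----------------------------------------------------------------------------
# regenerate_host_key - (re)create one SSH host key
#
# Globals:   option (read), remove (read)
# Arguments: $1 - key type handed to ssh-keygen -t
#            $2 - path of the private key file
# Returns:   0 if the user declined to replace an existing key,
#            otherwise the exit status of ssh-keygen
#
# If the key file already exists the user is asked (default 'no') whether
# to replace it; a non-zero answer leaves the existing key untouched.
#----------------------------------------------------------------------------
regenerate_host_key() {
    if [ -e "$2" ]; then
        /var/install/bin/ask "$2 exists! Change it anyway" 'no' || return 0

        # Removing the old file first avoids ssh-keygen's own
        # "Overwrite (y/n)?" prompt.
        if [ "$remove" = 'yes' ]; then
            rm -f "$2"
        fi
    fi

    # Pass the empty passphrase as a real, separately quoted argument
    # instead of eval-ing a string that contains quotes.
    if [ "$option" = '-N ""' ]; then
        /bin/ssh-keygen -t "$1" -N "" -f "$2"
    else
        /bin/ssh-keygen -t "$1" -f "$2"
    fi
}

clrhome
mecho
mecho -info "You want to change the SSH Server Keys"
mecho -warn "You may have problems with your SSH-Client when host key changes"
mecho
[ ! "$option" = '-N ""' ] && mecho "Simply hit RETURN when asked for a passphrase (two times)"
[ ! "$remove" = 'yes' ] && mecho "Answer y when you are asked \"Overwrite (y/n)?\""
mecho

# After a host key is replaced, clients that pinned the old key will report
# a host key mismatch. Hand the new fingerprints (printed by ssh-keygen) to
# users over a trusted channel so they can verify the change instead of
# accepting the warning blindly.
#
# NOTE(review): rsa1 is the SSH protocol 1 key format and dsa keys are fixed
# at 1024 bits; newer OpenSSH releases have removed rsa1 and disable dsa by
# default. Confirm which key types the installed sshd still needs.
regenerate_host_key rsa1 /etc/ssh_host_key
mecho
regenerate_host_key rsa /etc/ssh_host_rsa_key
mecho
regenerate_host_key dsa /etc/ssh_host_dsa_key

mecho
anykey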