#!/bin/sh
# Start/stop/restart the secure shell server:

# Source options
if [ -r /etc/default/sshd ]; then
  . /etc/default/sshd
fi

sshd_start() {
  # Create host keys if needed.
  if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
    /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
  fi
  if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
    /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
  fi
  if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then
    /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
  fi
  if [ ! -f /etc/ssh/ssh_host_ed25519_key ]; then
    /usr/bin/ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ''
  fi
  # Catch any new host key types not yet created above:
  /usr/bin/ssh-keygen -A
  # Start the sshd daemon:
  /usr/sbin/sshd $SSHD_OPTS
}

sshd_stop() {
  killall sshd
}

sshd_restart() {
  if [ -r /var/run/sshd.pid ]; then
    echo "WARNING: killing listener process only.  To kill every sshd process, you must"
    echo "         use 'rc.sshd stop'.  'rc.sshd restart' kills only the parent sshd to"
    echo "         allow an admin logged in through sshd to use 'rc.sshd restart' without"
    echo "         being cut off.  If sshd has been upgraded, new connections will now"
    echo "         use the new version, which should be a safe enough approach."
    kill `cat /var/run/sshd.pid`
  else
    echo "WARNING: There does not appear to be a parent instance of sshd running."
    echo "         If you really want to kill all running instances of sshd (including"
    echo "         any sessions currently in use), run '/etc/rc.d/rc.sshd stop' instead."
    exit 1
  fi
  sleep 1
  sshd_start
}

case "$1" in
'start')
  sshd_start
  ;;
'stop')
  sshd_stop
  ;;
'restart')
  sshd_restart
  ;;
*)
  echo "usage $0 start|stop|restart"
esac