even openssh server is up unders services the "led" is off

[jls]

 

[Lee]

I checked into this once - a long time ago, since I pretty much never use the services applet - but I seem to recall that the services applet uses the service's start/stop/status script ( /usr/local/etc/init/d/openssh ) to check the status of the service and the script provided by the openssh extension does not provide a "status" functionality.

Its a fairly simple addition to make - just add a "status" option that runs

Code: [Select]

pidof sshd >/dev/nullwhich will cause script "succeed" if the service is running and otherwise "fail".

Add the modified script to your backup (or rebuild the extension) to make it persist.

Edit: 2013-10-08 10:28 - I just now PM'd maintainer Kingdomcome requesting an update.

[Juanito]

It's been a while, but I recall that it's the exit 0 and exit 1 that are required, for example:

Code: [Select]

status() {
if [ -e /var/run/dbus/pid ]; then
echo -e "\ndbus is running.\n"
exit 0
else
echo -e "\ndbus is not running.\n"
exit 1
fi
}

[Lee]

Yes - it is the exit status that is relevant.

I was just allowing the exit status returned by pidof to "fall through" to the calling program.

Of course, when I tested it just now, I forgot to add the status call to the case statement and for a few minutes couldn't figure out why it still didn't work!

My working script is

Code: [Select]

#!/bin/sh
# openssh sshd start script
[ $(id -u) = 0 ] || { echo "must be root" ; exit 1; }

start(){
   [ -f /usr/local/etc/ssh/sshd_config ] || { echo "Config file /usr/local/etc/ssh/sshdd_config not found"; exit 1; }
   [ -f /usr/local/etc/ssh/ssh_host_rsa_key ] || ssh-keygen -t rsa -N "" -f /usr/local/etc/ssh/ssh_host_rsa_key
   [ -f /usr/local/etc/ssh/ssh_host_dsa_key ] || ssh-keygen -t dsa -N "" -f /usr/local/etc/ssh/ssh_host_dsa_key
   [ -f /usr/local/etc/ssh/ssh_host_ecdsa_key ] || ssh-keygen -t ecdsa -N "" -f /usr/local/etc/ssh/ssh_host_ecdsa_key
   /usr/local/sbin/sshd
}

stop(){
   kill $(pidof sshd)
}

restart(){
   if pidof sshd >/dev/null; then
      stop && start
   else
      start
   fi
}

status(){
   pidof sshd >/dev/null
}

keygen(){
   ssh-keygen -t rsa -f /usr/local/etc/ssh/ssh_host_rsa_key
   ssh-keygen -t dsa -f /usr/local/etc/ssh/ssh_host_dsa_key
}

case $1 in
   start) start;;
   stop) stop;;
   restart) restart;;
   status) status;;
   keygen) keygen;;
   *) echo "Usage $0 {start|stop|restart|keygen}"; exit 1
esac

Speaking of openssh, I note in about line 9 of the above script the line that includes ... ssh-keygen -t ecdsa ... and I wonder, is that generating the elliptical curve keys using the NSA's compromised method or is it something more secure?  Is there an encryption expert in the house?