summaryrefslogtreecommitdiff
path: root/debian/openssh-server.config
diff options
context:
space:
mode:
Diffstat (limited to 'debian/openssh-server.config')
-rw-r--r--debian/openssh-server.config70
1 files changed, 70 insertions, 0 deletions
diff --git a/debian/openssh-server.config b/debian/openssh-server.config
new file mode 100644
index 000000000..b40e8afd7
--- /dev/null
+++ b/debian/openssh-server.config
@@ -0,0 +1,70 @@
1#!/bin/sh
2
3action=$1
4version=$2
5
6# Source debconf library.
7. /usr/share/debconf/confmodule
8db_version 2.0
9
10if [ -e /etc/init.d/ssh ] && ! grep -q pidfile /etc/init.d/ssh
11then
12 db_fset ssh/use_old_init_script seen false
13 db_input medium ssh/use_old_init_script || true
14 db_go
15
16 db_get ssh/use_old_init_script
17 [ "$RET" = "false" ] && exit 0
18else
19 db_set ssh/use_old_init_script true
20 db_fset ssh/use_old_init_script seen true
21fi
22
23if [ -z "$version" ] && [ ! -e /etc/ssh/sshd_config ]
24then
25 db_input medium ssh/protocol2_only || true
26fi
27
28if [ -e /etc/ssh/sshd_config ]
29then
30 if dpkg --compare-versions "$version" lt-nl 1:1.3 ;
31 then db_input medium ssh/new_config || true
32 db_go
33 db_get ssh/new_config
34 if [ "$RET" = "true" ];
35 then db_input medium ssh/protocol2_only ||true
36 fi
37 fi
38fi
39
40if [ -x /usr/sbin/in.telnetd ] && grep -q "^telnet\b" /etc/inetd.conf
41then
42 if ! /usr/sbin/in.telnetd -? 2>&1 | grep -q ssl 2>/dev/null
43 then
44 db_input low ssh/insecure_telnetd || true
45 fi
46fi
47
48key=/etc/ssh/ssh_host_key
49export key
50if [ -n "$version" ] && [ -f $key ] && [ ! -x /usr/bin/ssh-keygen ] &&
51 dpkg --compare-versions "$version" lt 1.2.28
52then
53 # make sure that keys get updated to get rid of IDEA; preinst
54 # actually does the work, but if the old ssh-keygen is not found,
55 # it can't do that -- thus, we tell the user that he must create
56 # a new host key.
57 echo -en '\0\0' | 3<&0 sh -c \
58 'dd if=$key bs=1 skip=32 count=2 2>/dev/null | cmp -s - /dev/fd/3' || {
59 # this means that bytes 32&33 of the key were not both zero, in which
60 # case the key is encrypted, which we need to fix
61 db_input high ssh/encrypted_host_key_but_no_keygen || true
62 }
63fi
64
65
66db_input low ssh/forward_warning || true
67
68db_go
69
70exit 0