1 files changed, 70 insertions, 0 deletions
diff --git a/debian/openssh-server.config b/debian/openssh-server.config
new file mode 100644
index 000000000..b40e8afd7
--- /dev/null
+++ b/debian/openssh-server.config
@@ -0,0 +1,70 @@
+#!/bin/sh 
+action=$1
+version=$2
+# Source debconf library.
+. /usr/share/debconf/confmodule
+db_version 2.0
+if [ -e /etc/init.d/ssh ] && ! grep -q pidfile /etc/init.d/ssh
+then
+  db_fset ssh/use_old_init_script seen false
+  db_input medium ssh/use_old_init_script || true
+  db_go
+  db_get ssh/use_old_init_script
+  [ "$RET" = "false" ] && exit 0
+else
+  db_set ssh/use_old_init_script true
+  db_fset ssh/use_old_init_script seen true
+fi
+if [ -z "$version" ] && [ ! -e /etc/ssh/sshd_config ]
+then
+  db_input medium ssh/protocol2_only || true
+fi
+if [ -e /etc/ssh/sshd_config ]
+then
+    if dpkg --compare-versions "$version" lt-nl 1:1.3 ; 
+    then db_input medium ssh/new_config || true
+        db_go
+        db_get ssh/new_config
+        if [ "$RET" = "true" ];
+        then db_input medium ssh/protocol2_only ||true
+        fi
+    fi
+fi 
+if [ -x /usr/sbin/in.telnetd ] && grep -q "^telnet\b" /etc/inetd.conf
+then
+  if ! /usr/sbin/in.telnetd -? 2>&1 | grep -q ssl 2>/dev/null
+  then 
+    db_input low ssh/insecure_telnetd || true
+  fi
+fi
+key=/etc/ssh/ssh_host_key
+export key
+if [ -n "$version" ] && [ -f $key ] && [ ! -x /usr/bin/ssh-keygen ] &&
+     dpkg --compare-versions "$version" lt 1.2.28
+then
+  # make sure that keys get updated to get rid of IDEA; preinst
+  # actually does the work, but if the old ssh-keygen is not found,
+  # it can't do that -- thus, we tell the user that he must create
+  # a new host key.
+  echo -en '\0\0' | 3<&0 sh -c \
+      'dd if=$key bs=1 skip=32 count=2 2>/dev/null | cmp -s - /dev/fd/3' || {
+    # this means that bytes 32&33 of the key were not both zero, in which
+    # case the key is encrypted, which we need to fix
+    db_input high ssh/encrypted_host_key_but_no_keygen || true
+  }
+fi
+db_input low ssh/forward_warning || true
+db_go
+exit 0

diff --git a/debian/openssh-server.config b/debian/openssh-server.config new file mode 100644 index 000000000..b40e8afd7 --- /dev/null +++ b/debian/openssh-server.config
@@ -0,0 +1,70 @@
	1	#!/bin/sh
	2
	3	action=$1
	4	version=$2
	5
	6	# Source debconf library.
	7	. /usr/share/debconf/confmodule
	8	db_version 2.0
	9
	10	if [ -e /etc/init.d/ssh ] && ! grep -q pidfile /etc/init.d/ssh
	11	then
	12	db_fset ssh/use_old_init_script seen false
	13	db_input medium ssh/use_old_init_script \|\| true
	14	db_go
	15
	16	db_get ssh/use_old_init_script
	17	[ "$RET" = "false" ] && exit 0
	18	else
	19	db_set ssh/use_old_init_script true
	20	db_fset ssh/use_old_init_script seen true
	21	fi
	22
	23	if [ -z "$version" ] && [ ! -e /etc/ssh/sshd_config ]
	24	then
	25	db_input medium ssh/protocol2_only \|\| true
	26	fi
	27
	28	if [ -e /etc/ssh/sshd_config ]
	29	then
	30	if dpkg --compare-versions "$version" lt-nl 1:1.3 ;
	31	then db_input medium ssh/new_config \|\| true
	32	db_go
	33	db_get ssh/new_config
	34	if [ "$RET" = "true" ];
	35	then db_input medium ssh/protocol2_only \|\|true
	36	fi
	37	fi
	38	fi
	39
	40	if [ -x /usr/sbin/in.telnetd ] && grep -q "^telnet\b" /etc/inetd.conf
	41	then
	42	if ! /usr/sbin/in.telnetd -? 2>&1 \| grep -q ssl 2>/dev/null
	43	then
	44	db_input low ssh/insecure_telnetd \|\| true
	45	fi
	46	fi
	47
	48	key=/etc/ssh/ssh_host_key
	49	export key
	50	if [ -n "$version" ] && [ -f $key ] && [ ! -x /usr/bin/ssh-keygen ] &&
	51	dpkg --compare-versions "$version" lt 1.2.28
	52	then
	53	# make sure that keys get updated to get rid of IDEA; preinst
	54	# actually does the work, but if the old ssh-keygen is not found,
	55	# it can't do that -- thus, we tell the user that he must create
	56	# a new host key.
	57	echo -en '\0\0' \| 3<&0 sh -c \
	58	'dd if=$key bs=1 skip=32 count=2 2>/dev/null \| cmp -s - /dev/fd/3' \|\| {
	59	# this means that bytes 32&33 of the key were not both zero, in which
	60	# case the key is encrypted, which we need to fix
	61	db_input high ssh/encrypted_host_key_but_no_keygen \|\| true
	62	}
	63	fi
	64
	65
	66	db_input low ssh/forward_warning \|\| true
	67
	68	db_go
	69
	70	exit 0