diff options
Diffstat (limited to 'debian/openssh-server.preinst')
-rw-r--r-- | debian/openssh-server.preinst | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/debian/openssh-server.preinst b/debian/openssh-server.preinst new file mode 100644 index 000000000..320d4df2a --- /dev/null +++ b/debian/openssh-server.preinst | |||
@@ -0,0 +1,79 @@ | |||
1 | #!/bin/sh -e | ||
2 | |||
3 | action=$1 | ||
4 | version=$2 | ||
5 | |||
6 | if [ -d /etc/ssh-nonfree -a ! -d /etc/ssh ]; then | ||
7 | version=1.2.27 | ||
8 | fi | ||
9 | |||
10 | if [ "$action" = upgrade -o "$action" = install ] | ||
11 | then | ||
12 | # check if debconf is missing | ||
13 | if ! test -f /usr/share/debconf/confmodule | ||
14 | then | ||
15 | cat <<EOF | ||
16 | |||
17 | WARNING: ssh's pre-configuration script relies on debconf to tell you | ||
18 | about some problems that might prevent you from logging in if you are | ||
19 | upgrading from the old, Non-free version of ssh. | ||
20 | |||
21 | If this is a new installation, you don't need to worry about this. | ||
22 | Just go ahead and install ssh (make sure to read .../ssh/README.Debian). | ||
23 | |||
24 | If you are upgrading, but you have alternative ways of logging into | ||
25 | the machine (i.e. you're sitting in front of it, or you have telnetd | ||
26 | running), then you also don't need to worry too much, because you can | ||
27 | fix it up afterwards if there's a problem. | ||
28 | |||
29 | If you're upgrading from an older (non-free) version of ssh, and ssh | ||
30 | is the only way you have to access this machine, then you should | ||
31 | probably abort the installation of ssh, install debconf, and then | ||
32 | retry the installation of ssh. | ||
33 | |||
34 | EOF | ||
35 | echo -n "Do you want to install SSH anyway [yN]: " | ||
36 | read input | ||
37 | expr "$input" : '[Yy]' >/dev/null || exit 1 | ||
38 | |||
39 | # work around for missing debconf | ||
40 | db_get() { : ; } | ||
41 | RET=true | ||
42 | if [ -d /etc/ssh-nonfree -a ! -d /etc/ssh ]; then | ||
43 | cp -a /etc/ssh-nonfree /etc/ssh | ||
44 | fi | ||
45 | else | ||
46 | # Source debconf library. | ||
47 | . /usr/share/debconf/confmodule | ||
48 | db_version 2.0 | ||
49 | fi | ||
50 | |||
51 | db_get ssh/use_old_init_script | ||
52 | if [ "$RET" = "false" ]; then | ||
53 | echo "ssh config: Aborting because ssh/use_old_init_script = false" >&2 | ||
54 | exit 1 | ||
55 | fi | ||
56 | |||
57 | # deal with upgrading from pre-OpenSSH versions | ||
58 | key=/etc/ssh/ssh_host_key | ||
59 | export key | ||
60 | if [ -n "$version" ] && [ -x /usr/bin/ssh-keygen ] && [ -f $key ] && | ||
61 | dpkg --compare-versions "$version" lt 1.2.28 | ||
62 | then | ||
63 | # make sure that keys get updated to get rid of IDEA | ||
64 | # | ||
65 | # N.B. this only works because we've still got the old | ||
66 | # nonfree ssh-keygen at this point | ||
67 | # | ||
68 | # First, check if we need to bother | ||
69 | echo -en '\0\0' | 3<&0 sh -c \ | ||
70 | 'dd if=$key bs=1 skip=32 count=2 2>/dev/null | cmp -s - /dev/fd/3' || { | ||
71 | # this means that bytes 32&33 of the key were not both zero, in which | ||
72 | # case the key is encrypted, which we need to fix | ||
73 | chmod 600 $key | ||
74 | ssh-keygen -u -f $key >/dev/null | ||
75 | } | ||
76 | fi | ||
77 | fi | ||
78 | |||
79 | #DEBHELPER# | ||