8 files changed, 87 insertions, 0 deletions
diff --git a/debian/systemd/rescue-ssh.target b/debian/systemd/rescue-ssh.target
new file mode 100644
index 000000000..9501b7fd0
--- /dev/null
+++ b/debian/systemd/rescue-ssh.target
@@ -0,0 +1,6 @@
+[Unit]
+Description=Rescue with network and ssh
+Documentation=man:systemd.special(7)
+Requires=network-online.target ssh.service
+After=network-online.target ssh.service
+AllowIsolate=yes
diff --git a/debian/systemd/ssh-agent.override b/debian/systemd/ssh-agent.override
new file mode 100644
index 000000000..2905494b6
--- /dev/null
+++ b/debian/systemd/ssh-agent.override
@@ -0,0 +1 @@
+manual
diff --git a/debian/systemd/ssh-agent.service b/debian/systemd/ssh-agent.service
new file mode 100644
index 000000000..cdc10bb47
--- /dev/null
+++ b/debian/systemd/ssh-agent.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=OpenSSH Agent
+Documentation=man:ssh-agent(1)
+Before=graphical-session-pre.target
+ConditionPathExists=/etc/X11/Xsession.options
+Wants=dbus.socket
+After=dbus.socket
+[Service]
+ExecStart=/usr/lib/openssh/agent-launch start
+ExecStopPost=/usr/lib/openssh/agent-launch stop
diff --git a/debian/systemd/ssh-session-cleanup b/debian/systemd/ssh-session-cleanup
new file mode 100755
index 000000000..f283cc967
--- /dev/null
+++ b/debian/systemd/ssh-session-cleanup
@@ -0,0 +1,11 @@
+#! /bin/sh
+ssh_session_pattern='sshd: \S.*@pts/[0-9]+'
+IFS="$IFS@"
+pgrep -a -f "$ssh_session_pattern" | while read pid daemon user pty; do
+        echo "Found ${daemon%:} session $pid on $pty; sending SIGTERM"
+        kill "$pid" || true
+done
+exit 0
diff --git a/debian/systemd/ssh-session-cleanup.service b/debian/systemd/ssh-session-cleanup.service
new file mode 100644
index 000000000..b86727227
--- /dev/null
+++ b/debian/systemd/ssh-session-cleanup.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=OpenBSD Secure Shell session cleanup
+Wants=network.target
+After=network.target
+[Service]
+ExecStart=/bin/true
+ExecStop=/usr/lib/openssh/ssh-session-cleanup
+RemainAfterExit=yes
+Type=oneshot
+[Install]
+WantedBy=multi-user.target
diff --git a/debian/systemd/ssh.service b/debian/systemd/ssh.service
new file mode 100644
index 000000000..7495d9a81
--- /dev/null
+++ b/debian/systemd/ssh.service
@@ -0,0 +1,22 @@
+[Unit]
+Description=OpenBSD Secure Shell server
+Documentation=man:sshd(8) man:sshd_config(5)
+After=network.target auditd.service
+ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
+[Service]
+EnvironmentFile=-/etc/default/ssh
+ExecStartPre=/usr/sbin/sshd -t
+ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
+ExecReload=/usr/sbin/sshd -t
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=on-failure
+RestartPreventExitStatus=255
+Type=notify
+RuntimeDirectory=sshd
+RuntimeDirectoryMode=0755
+[Install]
+WantedBy=multi-user.target
+Alias=sshd.service
diff --git a/debian/systemd/ssh.socket b/debian/systemd/ssh.socket
new file mode 100644
index 000000000..5a766dcab
--- /dev/null
+++ b/debian/systemd/ssh.socket
@@ -0,0 +1,12 @@
+[Unit]
+Description=OpenBSD Secure Shell server socket
+Before=ssh.service
+Conflicts=ssh.service
+ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
+[Socket]
+ListenStream=22
+Accept=yes
+[Install]
+WantedBy=sockets.target
diff --git a/debian/systemd/ssh@.service b/debian/systemd/ssh@.service
new file mode 100644
index 000000000..f7fec1f6f
--- /dev/null
+++ b/debian/systemd/ssh@.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=OpenBSD Secure Shell server per-connection daemon
+Documentation=man:sshd(8) man:sshd_config(5)
+After=auditd.service
+[Service]
+EnvironmentFile=-/etc/default/ssh
+ExecStart=-/usr/sbin/sshd -i $SSHD_OPTS
+StandardInput=socket
+RuntimeDirectory=sshd
+RuntimeDirectoryMode=0755

diff --git a/debian/systemd/rescue-ssh.target b/debian/systemd/rescue-ssh.target new file mode 100644 index 000000000..9501b7fd0 --- /dev/null +++ b/debian/systemd/rescue-ssh.target
@@ -0,0 +1,6 @@
	1	[Unit]
	2	Description=Rescue with network and ssh
	3	Documentation=man:systemd.special(7)
	4	Requires=network-online.target ssh.service
	5	After=network-online.target ssh.service
	6	AllowIsolate=yes


diff --git a/debian/systemd/ssh-agent.override b/debian/systemd/ssh-agent.override new file mode 100644 index 000000000..2905494b6 --- /dev/null +++ b/debian/systemd/ssh-agent.override
@@ -0,0 +1 @@
		manual


diff --git a/debian/systemd/ssh-agent.service b/debian/systemd/ssh-agent.service new file mode 100644 index 000000000..cdc10bb47 --- /dev/null +++ b/debian/systemd/ssh-agent.service
@@ -0,0 +1,11 @@
	1	[Unit]
	2	Description=OpenSSH Agent
	3	Documentation=man:ssh-agent(1)
	4	Before=graphical-session-pre.target
	5	ConditionPathExists=/etc/X11/Xsession.options
	6	Wants=dbus.socket
	7	After=dbus.socket
	8
	9	[Service]
	10	ExecStart=/usr/lib/openssh/agent-launch start
	11	ExecStopPost=/usr/lib/openssh/agent-launch stop


diff --git a/debian/systemd/ssh-session-cleanup b/debian/systemd/ssh-session-cleanup new file mode 100755 index 000000000..f283cc967 --- /dev/null +++ b/debian/systemd/ssh-session-cleanup
@@ -0,0 +1,11 @@
	1	#! /bin/sh
	2
	3	ssh_session_pattern='sshd: \S.*@pts/[0-9]+'
	4
	5	IFS="$IFS@"
	6	pgrep -a -f "$ssh_session_pattern" \| while read pid daemon user pty; do
	7	echo "Found ${daemon%:} session $pid on $pty; sending SIGTERM"
	8	kill "$pid" \|\| true
	9	done
	10
	11	exit 0


diff --git a/debian/systemd/ssh-session-cleanup.service b/debian/systemd/ssh-session-cleanup.service new file mode 100644 index 000000000..b86727227 --- /dev/null +++ b/debian/systemd/ssh-session-cleanup.service
@@ -0,0 +1,13 @@
	1	[Unit]
	2	Description=OpenBSD Secure Shell session cleanup
	3	Wants=network.target
	4	After=network.target
	5
	6	[Service]
	7	ExecStart=/bin/true
	8	ExecStop=/usr/lib/openssh/ssh-session-cleanup
	9	RemainAfterExit=yes
	10	Type=oneshot
	11
	12	[Install]
	13	WantedBy=multi-user.target


diff --git a/debian/systemd/ssh.service b/debian/systemd/ssh.service new file mode 100644 index 000000000..7495d9a81 --- /dev/null +++ b/debian/systemd/ssh.service
@@ -0,0 +1,22 @@
	1	[Unit]
	2	Description=OpenBSD Secure Shell server
	3	Documentation=man:sshd(8) man:sshd_config(5)
	4	After=network.target auditd.service
	5	ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
	6
	7	[Service]
	8	EnvironmentFile=-/etc/default/ssh
	9	ExecStartPre=/usr/sbin/sshd -t
	10	ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
	11	ExecReload=/usr/sbin/sshd -t
	12	ExecReload=/bin/kill -HUP $MAINPID
	13	KillMode=process
	14	Restart=on-failure
	15	RestartPreventExitStatus=255
	16	Type=notify
	17	RuntimeDirectory=sshd
	18	RuntimeDirectoryMode=0755
	19
	20	[Install]
	21	WantedBy=multi-user.target
	22	Alias=sshd.service


diff --git a/debian/systemd/ssh.socket b/debian/systemd/ssh.socket new file mode 100644 index 000000000..5a766dcab --- /dev/null +++ b/debian/systemd/ssh.socket
@@ -0,0 +1,12 @@
	1	[Unit]
	2	Description=OpenBSD Secure Shell server socket
	3	Before=ssh.service
	4	Conflicts=ssh.service
	5	ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
	6
	7	[Socket]
	8	ListenStream=22
	9	Accept=yes
	10
	11	[Install]
	12	WantedBy=sockets.target


diff --git a/debian/systemd/ssh@.service b/debian/systemd/ssh@.service new file mode 100644 index 000000000..f7fec1f6f --- /dev/null +++ b/debian/systemd/ssh@.service
@@ -0,0 +1,11 @@
	1	[Unit]
	2	Description=OpenBSD Secure Shell server per-connection daemon
	3	Documentation=man:sshd(8) man:sshd_config(5)
	4	After=auditd.service
	5
	6	[Service]
	7	EnvironmentFile=-/etc/default/ssh
	8	ExecStart=-/usr/sbin/sshd -i $SSHD_OPTS
	9	StandardInput=socket
	10	RuntimeDirectory=sshd
	11	RuntimeDirectoryMode=0755