| #!/bin/sh |
| # Copyright 2016 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| SSH_DIR=/mnt/stateful_partition/etc/ssh |
| mkdir -p "${SSH_DIR}" |
| |
| if ! sshd -t -q ; then |
| # sshd will not start with current config, generate a new set of keys. |
| for KEY_TYPE in rsa ed25519 ; do |
| KEY_FILE="${SSH_DIR}/ssh_host_${KEY_TYPE}_key" |
| # If keys exist delete them because they are not valid and ssh-keygen |
| # will not overwrite them. |
| rm -f "${KEY_FILE}" "${KEY_FILE}.pub" |
| ssh-keygen -q -f "${KEY_FILE}" -N '' -t ${KEY_TYPE} || |
| logger -t "${UPSTART_JOB}" "Failed to generate ssh key." |
| done |
| fi |
| |
| for cmd in iptables ip6tables ; do |
| $cmd -A INPUT -p tcp --dport 22 -j ACCEPT -w || |
| logger -t "${UPSTART_JOB}" "Failed to configure $cmd." |
| done |