#!/bin/sh -e action="$1" oldversion="$2" if [ "$action" = configure ] then if [ -f /etc/ssh/ssh_host_key ] then #check for old host_key files using IDEA, which openssh does not support ssh-keygen -p -N '' -f /etc/ssh/ssh_host_key 2>&1 | \ grep -q 'unknown cipher' && { mv /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.old mv /etc/ssh/ssh_host_key.pub /etc/ssh/ssh_host_key.pub.old } fi # make keys if we need to [ -f /etc/ssh/ssh_host_key ] || ( umask 022 ssh-keygen -f /etc/ssh/ssh_host_key -N '' >/dev/null ) [ -f /etc/ssh/ssh_host_rsa_key ] || ( umask 022 ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >/dev/null ) [ -f /etc/ssh/ssh_host_dsa_key ] || ( umask 022 ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N "" >/dev/null ) # get rid of mistaken rsh diversion (circa 1.2.27-1) if test -L /usr/bin/rsh && dpkg-divert --list '/usr/bin/rsh.real/rsh' | grep -q ' ssh$' then test -L /usr/bin/rlogin && rm /usr/bin/rlogin dpkg-divert --package ssh --remove --rename \ --divert /usr/bin/rsh.real/rlogin /usr/bin/rlogin test -L /usr/bin/rsh && rm /usr/bin/rsh dpkg-divert --package ssh --remove --rename \ --divert /usr/bin/rsh.real/rsh /usr/bin/rsh test -L /usr/bin/rcp && rm /usr/bin/rcp dpkg-divert --package ssh --remove --rename \ --divert /usr/bin/rsh.real/rcp /usr/bin/rcp test -L /usr/man/man1/rlogin.1.gz && rm /usr/man/man1/rlogin.1.gz dpkg-divert --package ssh --remove --rename \ --divert /usr/man/man1/rlogin.real.1.gz /usr/man/man1/rlogin.1.gz test -L /usr/man/man1/rsh.1.gz && rm /usr/man/man1/rsh.1.gz dpkg-divert --package ssh --remove --rename \ --divert /usr/man/man1/rsh.real.1.gz /usr/man/man1/rsh.1.gz test -L /usr/man/man1/rcp.1.gz && rm /usr/man/man1/rcp.1.gz dpkg-divert --package ssh --remove --rename \ --divert /usr/man/man1/rcp.real.1.gz /usr/man/man1/rcp.1.gz rmdir /usr/bin/rsh.real fi # do it properly, with alternatives update-alternatives --install /usr/bin/rsh rsh /usr/bin/ssh 20 \ --slave /usr/share/man/man1/rsh.1.gz rsh.1.gz \ /usr/share/man/man1/ssh.1.gz update-alternatives --install /usr/bin/rlogin rlogin /usr/bin/ssh 20 \ --slave /usr/share/man/man1/rlogin.1.gz rlogin.1.gz \ /usr/share/man/man1/ssh.1.gz update-alternatives --install /usr/bin/rcp rcp /usr/bin/scp 20 \ --slave /usr/share/man/man1/rcp.1.gz rcp.1.gz \ /usr/share/man/man1/scp.1.gz fi # sort out whether we're installing ssh suid RET=false test -e /usr/share/debconf/confmodule && { . /usr/share/debconf/confmodule db_version 2.0 db_get ssh/SUID_client } if [ "$RET" = "true" ]; then ssh_mod=4755 else ssh_mod=0755 fi RET=true test -e /usr/share/debconf/confmodule && { db_get ssh/run_sshd } if [ "$RET" = "false" ]; then touch /etc/ssh/sshd_not_to_be_run else test -f /etc/ssh/sshd_not_to_be_run && rm -f /etc/ssh/sshd_not_to_be_run fi chown root.root /usr/bin/ssh chmod $ssh_mod /usr/bin/ssh if [ -x /usr/sbin/dpkg-statoverride ]; then if [ "$ssh_mod" = "4755" ]; then # Since we messed up here last time and set the override for # the sshd server we now remove it. if ( `dpkg-statoverride --list | grep -q sshd` ); then dpkg-statoverride --remove /usr/sbin/sshd fi if ! ( `dpkg-statoverride --list | grep -q ssh` ); then dpkg-statoverride --add root root 4755 /usr/bin/ssh fi fi fi # Automatically added by dh_installdocs if [ "$1" = "configure" ]; then if [ -d /usr/doc -a ! -e /usr/doc/ssh -a -d /usr/share/doc/ssh ]; then ln -sf ../share/doc/ssh /usr/doc/ssh fi fi # End automatically added section # Automatically added by dh_installinit if [ -e "/etc/init.d/ssh" ]; then update-rc.d ssh defaults >/dev/null /etc/init.d/ssh start fi # End automatically added section test -e /usr/share/debconf/confmodule && { db_stop } exit 0