diff options
Diffstat (limited to '')
-rw-r--r-- | debian/systemd/rescue-ssh.target | 6 | ||||
-rw-r--r-- | debian/systemd/ssh-agent.service | 17 | ||||
-rwxr-xr-x | debian/systemd/ssh-session-cleanup | 11 | ||||
-rw-r--r-- | debian/systemd/ssh-session-cleanup.service | 13 | ||||
-rw-r--r-- | debian/systemd/ssh.service | 22 | ||||
-rw-r--r-- | debian/systemd/ssh.socket | 11 |
6 files changed, 80 insertions, 0 deletions
diff --git a/debian/systemd/rescue-ssh.target b/debian/systemd/rescue-ssh.target new file mode 100644 index 0000000..9501b7f --- /dev/null +++ b/debian/systemd/rescue-ssh.target @@ -0,0 +1,6 @@ +[Unit] +Description=Rescue with network and ssh +Documentation=man:systemd.special(7) +Requires=network-online.target ssh.service +After=network-online.target ssh.service +AllowIsolate=yes diff --git a/debian/systemd/ssh-agent.service b/debian/systemd/ssh-agent.service new file mode 100644 index 0000000..68273bd --- /dev/null +++ b/debian/systemd/ssh-agent.service @@ -0,0 +1,17 @@ +[Unit] +Description=OpenSSH Agent +Documentation=man:ssh-agent(1) +Before=graphical-session-pre.target +ConditionPathExists=/etc/X11/Xsession.options +Wants=dbus.socket +After=dbus.socket + +[Service] +# If you need to pass extra arguments to ssh-agent, you can use "systemctl +# --user edit ssh-agent.service" to add a drop-in unit with contents along +# these lines: +# [Service] +# ExecStart= +# ExecStart=/usr/lib/openssh/agent-launch start -- -t 1200 +ExecStart=/usr/lib/openssh/agent-launch start +ExecStopPost=/usr/lib/openssh/agent-launch stop diff --git a/debian/systemd/ssh-session-cleanup b/debian/systemd/ssh-session-cleanup new file mode 100755 index 0000000..f283cc9 --- /dev/null +++ b/debian/systemd/ssh-session-cleanup @@ -0,0 +1,11 @@ +#! /bin/sh + +ssh_session_pattern='sshd: \S.*@pts/[0-9]+' + +IFS="$IFS@" +pgrep -a -f "$ssh_session_pattern" | while read pid daemon user pty; do + echo "Found ${daemon%:} session $pid on $pty; sending SIGTERM" + kill "$pid" || true +done + +exit 0 diff --git a/debian/systemd/ssh-session-cleanup.service b/debian/systemd/ssh-session-cleanup.service new file mode 100644 index 0000000..b867272 --- /dev/null +++ b/debian/systemd/ssh-session-cleanup.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenBSD Secure Shell session cleanup +Wants=network.target +After=network.target + +[Service] +ExecStart=/bin/true +ExecStop=/usr/lib/openssh/ssh-session-cleanup +RemainAfterExit=yes +Type=oneshot + +[Install] +WantedBy=multi-user.target diff --git a/debian/systemd/ssh.service b/debian/systemd/ssh.service new file mode 100644 index 0000000..7495d9a --- /dev/null +++ b/debian/systemd/ssh.service @@ -0,0 +1,22 @@ +[Unit] +Description=OpenBSD Secure Shell server +Documentation=man:sshd(8) man:sshd_config(5) +After=network.target auditd.service +ConditionPathExists=!/etc/ssh/sshd_not_to_be_run + +[Service] +EnvironmentFile=-/etc/default/ssh +ExecStartPre=/usr/sbin/sshd -t +ExecStart=/usr/sbin/sshd -D $SSHD_OPTS +ExecReload=/usr/sbin/sshd -t +ExecReload=/bin/kill -HUP $MAINPID +KillMode=process +Restart=on-failure +RestartPreventExitStatus=255 +Type=notify +RuntimeDirectory=sshd +RuntimeDirectoryMode=0755 + +[Install] +WantedBy=multi-user.target +Alias=sshd.service diff --git a/debian/systemd/ssh.socket b/debian/systemd/ssh.socket new file mode 100644 index 0000000..1de1280 --- /dev/null +++ b/debian/systemd/ssh.socket @@ -0,0 +1,11 @@ +[Unit] +Description=OpenBSD Secure Shell server socket +Before=sockets.target +ConditionPathExists=!/etc/ssh/sshd_not_to_be_run + +[Socket] +ListenStream=22 +Accept=no + +[Install] +WantedBy=sockets.target |