regenerate-ssh-keys

#! /bin/sh

## Re-generate SSH host keys at boot (via dpkg-reconfigure) if any are missing

### BEGIN INIT INFO
# Provides:             regnerate-ssh-keys
# Required-Start:       $remote_fs $syslog
# Required-Stop:        $remote_fs $syslog
# Default-Start:        2 3 4 5
# Default-Stop:         0 1 6
# Short-Description:    Regenerate SSH host keys if required
### END INIT INFO

set -e

test -x /usr/sbin/sshd || exit 0

if test -f /lib/init/vars.sh ; then
	. /lib/init/vars.sh
fi

SSH_HOST_KEY_TYPES="rsa dsa ecdsa"

if test -f /etc/default/ssh ; then
	. /etc/default/ssh
fi

. /lib/lsb/init-functions

case "$1" in
  remove-keys)
	for t in $SSH_HOST_KEY_TYPES ; do
		rm -fv /etc/ssh/ssh_host_${t}_key /etc/ssh/ssh_host_${t}_key.pub
	done
	;;
  start|restart|try-restart)
	missing=no
	for t in $SSH_HOST_KEY_TYPES ; do
		if ! test -f /etc/ssh/ssh_host_${t}_key ; then
			log_action_msg "/etc/ssh/host_${t}_key is missing" || true
			missing=yes
			break
		fi
		if ! test -f /etc/ssh/ssh_host_${t}_key.pub ; then
			log_action_msg "/etc/ssh/host_${t}_key.pub is missing" || true
			missing=yes
			break
		fi
	done
	if test x"$missing" = x"yes" ; then
		log_action_msg "Re-generating SSH host keys" || true
		/usr/sbin/dpkg-reconfigure openssh-server
	fi
	;;
  stop|reload|force-reload|status)
	;;
  *)
	log_action_msg "Usage: /etc/init.d/regenerate-ssh-keys {start|remove-keys}" || true
	exit 1
esac

exit 0