1 files changed, 15 insertions, 7 deletions

diff --git a/meta/recipes-connectivity/openssh/openssh-6.2p2/init b/meta/recipes-connectivity/openssh/openssh-6.2p2/init
index 6beec848df..12fb79bd7c 100644
--- a/meta/recipes-connectivity/openssh/openssh-6.2p2/init
+++ b/meta/recipes-connectivity/openssh/openssh-6.2p2/init
@@ -6,14 +6,22 @@ set -e
 test -x /usr/sbin/sshd || exit 0
 ( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0
 
+# /etc/default/ssh may set SYSCONFDIR and SSHD_OPTS
 if test -f /etc/default/ssh; then
     . /etc/default/ssh
 fi
 
+[ -z "$SYSCONFDIR" ] && SYSCONFDIR=/etc/ssh
+mkdir -p $SYSCONFDIR
+
+HOST_KEY_RSA=$SYSCONFDIR/ssh_host_rsa_key
+HOST_KEY_DSA=$SYSCONFDIR/ssh_host_dsa_key
+HOST_KEY_ECDSA=$SYSCONFDIR/ssh_host_ecdsa_key
+
 check_for_no_start() {
     # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists
-    if [ -e /etc/ssh/sshd_not_to_be_run ]; then 
-	echo "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)"
+    if [ -e $SYSCONFDIR/sshd_not_to_be_run ]; then
+	echo "OpenBSD Secure Shell server not in use ($SYSCONFDIR/sshd_not_to_be_run)"
 	exit 0
     fi
 }
@@ -32,17 +40,17 @@ check_config() {
 
 check_keys() {
 	# create keys if necessary
-	if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+	if [ ! -f $HOST_KEY_RSA ]; then
 		echo "  generating ssh RSA key..."
-		ssh-keygen -q -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa
+		ssh-keygen -q -f $HOST_KEY_RSA -N '' -t rsa
 	fi
-	if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then
+	if [ ! -f $HOST_KEY_ECDSA ]; then
 		echo "  generating ssh ECDSA key..."
-		ssh-keygen -q -f /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa
+		ssh-keygen -q -f $HOST_KEY_ECDSA -N '' -t ecdsa
 	fi
 	if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
 		echo "  generating ssh DSA key..."
-		ssh-keygen -q -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa
+		ssh-keygen -q -f $HOST_KEY_DSA -N '' -t dsa
 	fi
 }