Changes made in this version:

* Split into separate client and server packages
  * Cleaned up init file
  * Updated usher to support chroot into TARGET

SNAP/sshd.init

@@ -2,8 +2,10 @@
 
 ### BEGIN INIT INFO
 # Provides:            sshd
-# Default-Start:       2 3 4 5
-# Default-Stop:
+# Required-Start:      $network $syslog
+# Required-Stop:       $network $syslog
+# Default-Start:       3 4 5
+# Default-Stop:        0 1 2 6
 # Short-Description:   OpenBSD Secure Shell server
 ### END INIT INFO
 
@@ -12,49 +14,38 @@
 DAEMON=/usr/sbin/sshd
 
 check_privsep_dir() {
-    # Create the PrivSep empty dir if necessary
-    if [ ! -d /var/run/sshd ]; then
-        mkdir /var/run/sshd
-        chmod 0755 /var/run/sshd
-    fi
+  # Create the PrivSep empty dir if necessary
+  if [ ! -d /var/run/sshd ]; then
+    mkdir /var/run/sshd
+    chmod 0755 /var/run/sshd
+  fi
 }
 
-if ! test -f $DAEMON; then
-    log_info_msg "Failed to locate ssh daemon!"
-    log_failure_msg2
-    exit 1;
-fi
+case "$1" in
+  start)
+    check_privsep_dir
+    log_info_msg "Starting OpenBSD Secure Shell server"
+    $DAEMON && log_success_msg || log_failure_msg
+    ;;
+  stop)
+    log_info_msg "Stopping OpenBSD Secure Shell server"
 
-case ${1} in
-    start)
-        check_privsep_dir
-        log_info_msg "Starting OpenBSD Secure Shell server"
-        $DAEMON
-        evaluate_retval
-        ;;
-
-    stop)
-        if ! test -f /var/run/sshd.pid; then
-            log_info_msg "No sshd running"
-            log_failure_msg2
-            exit 1
-            exit
-        fi
-
-        log_info_msg "Stopping OpenBSD Secure Shell server"
-        kill -TERM $(cat /var/run/sshd.pid)
-        evaluate_retval
-        ;;
-    restart)
-        log_info_msg "Restarting OpenBSD Secure Shell server"
-        kill -TERM $(cat /var/run/sshd.pid)
-        $DAEMON
-        evaluate_retval
-        ;;
-    *)
-        echo "Usage: ${0} {start|stop|restart}"
-        exit 1
-        ;;
+    if ! test -f /var/run/sshd.pid; then
+      echo -n " - No sshd running"
+      log_warning_msg
+    else
+      kill -TERM $(cat /var/run/sshd.pid) && log_success_msg || log_failure_msg
+    fi
+    ;;
+  restart)
+    $0 stop
+    sleep 1
+    $0 start
+    ;;
+  *)
+    echo "Usage: $0 [start|stop|restart]"
+    exit 1
+    ;;
 esac
 
 exit 0

SNAP/usher

@@ -5,29 +5,50 @@ case $1 in
     exit 0
     ;;
   postinst)
-    if ! getent group sshd 2>&1 > /dev/null; then
-      if groupadd -g 50 sshd; then
-        echo 'Created group sshd'
-      else
-        echo 'Failed to create group sshd!'
-        exit 1
+    if [[ ${TARGET} ]]; then
+      if ! chroot ${TARGET} 'getent group sshd 2>&1' > /dev/null; then
+        if chroot ${TARGET} 'groupadd -g 50 sshd'; then
+          echo 'Created group sshd'
+        else
+          echo 'Failed to create group sshd!'
+          exit 1
+        fi
       fi
-    fi
-
-    if ! getent passwd sshd 2>&1 > /dev/null; then
-      if useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd \
-      -s /bin/false -u 50 sshd; then
-        echo 'Created user sshd'
-      else
-        echo 'Failed to create user sshd!'
-        exit 1
+      if ! chroot ${TARGET} 'getent passwd sshd 2>&1 > /dev/null'; then
+        if chroot ${TARGET} 'useradd -c "sshd PrivSep" \
+        -d /var/lib/sshd -g sshd -s /bin/false -u 50 sshd'; then
+          echo 'Created user sshd'
+        else
+          echo 'Failed to create user sshd!'
+          exit 1
+        fi
       fi
-    fi
 
-    chown root:root /var/run/sshd
+      if [ ! -f ${TARGET}/etc/ssh/ssh_host_rsa_key ]; then
+        chroot ${TARGET} 'ssh-keygen -A'
+      fi
+    else
+      if ! getent group sshd 2>&1 > /dev/null; then
+        if groupadd -g 50 sshd; then
+          echo 'Created group sshd'
+        else
+          echo 'Failed to create group sshd!'
+          exit 1
+        fi
+      fi
+      if ! getent passwd sshd 2>&1 > /dev/null; then
+        if useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd \
+        -s /bin/false -u 50 sshd; then
+          echo 'Created user sshd'
+        else
+          echo 'Failed to create user sshd!'
+          exit 1
+        fi
+      fi
 
-    if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
-      ssh-keygen -A
+      if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+        ssh-keygen -A
+      fi
     fi
     ;;
   prerm)