From 0b1e8f5c08ff9c054698719a51a3236ce3b89ec4 Mon Sep 17 00:00:00 2001
From: John Lancaster <32917998+jsl12@users.noreply.github.com>
Date: Sun, 4 Jan 2026 10:09:09 -0600
Subject: [PATCH] better restart_sshd

---
 scripts/ssh-server-check.sh | 28 ++++++++++++++++++++--------
 1 file changed, 20 insertions(+), 8 deletions(-)

diff --git a/scripts/ssh-server-check.sh b/scripts/ssh-server-check.sh
index f8d50ba..fd94ec6 100755
--- a/scripts/ssh-server-check.sh
+++ b/scripts/ssh-server-check.sh
@@ -95,29 +95,41 @@ TrustedUserCAKeys /etc/ssh/ssh_user_ca.pub
 HostKey /etc/ssh/ssh_host_ed25519_key
 HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
 EOF
+
+    echo -e "$GREEN_CHECK  Configured sshd to use and accept SSH certs."
 }
 
 
+restart_sshd() {
+    if systemctl is-active --quiet sshd; then
+        local sshd_pid=$(systemctl show --property MainPID --value sshd)
+        kill -SIGHUP $sshd_pid
+        echo -e "$GREEN_CHECK  Restarted sshd service on PID: $sshd_pid"
+    else
+        echo -e "$YELLOW_BANG  Not running sshd service"
+        read -p "Do you want to start sshd? (y/n) " -n 1 -r
+        echo
+        if [[ $REPLY =~ ^[Yy]$ ]]; then
+            systemctl start sshd
+            echo -e "$GREEN_CHECK  Started sshd"
+        fi
+    fi
+}
+
 #
 # Run Process
 #
 
 if [[ ! -e "/etc/ssh/sshd_config.d/certs.conf" ]]; then
-    echo "⚠️  sshd not configured to use SSH certs"
+    echo -e "$YELLOW_BANG  sshd not configured to use SSH certs"
     read -p "Do you want to configure sshd? (y/n) " -n 1 -r
     echo
     if [[ $REPLY =~ ^[Yy]$ ]]; then
         install_cert_config
-        echo -n "Restarting sshd..."
-        systemctl restart sshd
-        echo "done"
-    else
-        echo "Exiting"
-        exit 1
+        restart_sshd
     fi
 fi
 
-
 check_ssh_files
 
 echo ""