From 1462de5debcdf61d57776486186d1ba289856567 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach
Date: Wed, 23 Oct 2013 22:51:32 +0200
Subject: [PATCH] sshd-keygen to generate ECDSA keys (#1019222)
---
 sshd-keygen | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
diff --git a/sshd-keygen b/sshd-keygen
index 737aa88..012bb64 100644
--- a/sshd-keygen
+++ b/sshd-keygen
@@ -14,6 +14,7 @@ KEYGEN=/usr/bin/ssh-keygen
 RSA1_KEY=/etc/ssh/ssh_host_key
 RSA_KEY=/etc/ssh/ssh_host_rsa_key
 DSA_KEY=/etc/ssh/ssh_host_dsa_key
+ECDSA_KEY=/etc/ssh/ssh_host_ecdsa_key
 # pull in sysconfig settings
 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
@@ -89,11 +90,33 @@ do_dsa_keygen() {
 fi
 }
+do_ecdsa_keygen() {
+ if [ ! -s $ECDSA_KEY ]; then
+ echo -n $"Generating SSH2 ECDSA host key: "
+ rm -f $ECDSA_KEY
+ if test ! -f $ECDSA_KEY && $KEYGEN -q -t ecdsa -f $ECDSA_KEY -C '' -N '' >&/dev/null; then
+ chgrp ssh_keys $ECDSA_KEY
+ chmod 600 $ECDSA_KEY
+ chmod 644 $ECDSA_KEY.pub
+ if [ -x /sbin/restorecon ]; then
+ /sbin/restorecon $ECDSA_KEY.pub
+ fi
+ success $"ECDSA key generation"
+ echo
+ else
+ failure $"ECDSA key generation"
+ echo
+ exit 1
+ fi
+ fi
+}
+
 # Create keys if necessary
 if [ "x${AUTOCREATE_SERVER_KEYS}" != xNO ]; then
 do_rsa_keygen
 if [ "x${AUTOCREATE_SERVER_KEYS}" != xRSAONLY ]; then
 do_rsa1_keygen
 do_dsa_keygen
+ do_ecdsa_keygen
 fi
 fi
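Review bot: In do_ecdsa_keygen the SELinux label is restored only on `$ECDSA_KEY.pub`, so the freshly generated private host key keeps whatever context it was created with; I would run `/sbin/restorecon $ECDSA_KEY $ECDSA_KEY.pub` so both files get the label the policy assigns. The failure branch calls `exit 1` after ssh-keygen's output has been sent to `>&/dev/null`, so on a system where ssh-keygen cannot produce ECDSA keys the script would presumably fail without a visible reason even though do_rsa_keygen has already succeeded; it is worth deciding whether that case should be fatal. The `$ECDSA_KEY` expansions are unquoted, including in `rm -f $ECDSA_KEY`, and the variable is assigned before /etc/sysconfig/sshd is sourced, so that file can override it; `rm -f "$ECDSA_KEY"` and quoting the other uses would keep an unusual path from being word-split.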