From 8115d9469c9d4537bf1fa9c1defa17d49f169068 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach
Date: Wed, 23 Oct 2013 22:51:32 +0200
Subject: [PATCH] sshd-keygen to generate ECDSA keys (#1019222)
---
 sshd-keygen | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
diff --git a/sshd-keygen b/sshd-keygen
index adb5b88..13a0043 100644
--- a/sshd-keygen
+++ b/sshd-keygen
@@ -13,6 +13,7 @@ KEYGEN=/usr/bin/ssh-keygen
 RSA1_KEY=/etc/ssh/ssh_host_key
 RSA_KEY=/etc/ssh/ssh_host_rsa_key
 DSA_KEY=/etc/ssh/ssh_host_dsa_key
+ECDSA_KEY=/etc/ssh/ssh_host_ecdsa_key
 
 # pull in sysconfig settings
 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
@@ -88,11 +89,33 @@ do_dsa_keygen() {
 fi
 }
 
+do_ecdsa_keygen() {
+ if [ ! -s $ECDSA_KEY ]; then
+ echo -n $"Generating SSH2 ECDSA host key: "
+ rm -f $ECDSA_KEY
+ if test ! -f $ECDSA_KEY && $KEYGEN -q -t ecdsa -f $ECDSA_KEY -C '' -N '' >&/dev/null; then
+ chgrp ssh_keys $ECDSA_KEY
+ chmod 600 $ECDSA_KEY
+ chmod 644 $ECDSA_KEY.pub
+ if [ -x /sbin/restorecon ]; then
+ /sbin/restorecon $ECDSA_KEY.pub
+ fi
+ success $"ECDSA key generation"
+ echo
+ else
+ failure $"ECDSA key generation"
+ echo
+ exit 1
+ fi
+ fi
+}
+
 # Create keys if necessary
 if [ "x${AUTOCREATE_SERVER_KEYS}" != xNO ]; then
 do_rsa_keygen
 if [ "x${AUTOCREATE_SERVER_KEYS}" != xRSAONLY ]; then
 do_rsa1_keygen
 do_dsa_keygen
+ do_ecdsa_keygen
 fi
 fi
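Review bot: In do_ecdsa_keygen, `/sbin/restorecon` is run only on `$ECDSA_KEY.pub`, so the freshly created private host key keeps whatever SELinux label it received at creation; unless the policy labels it through a type transition (not visible in this hunk), `/sbin/restorecon $ECDSA_KEY $ECDSA_KEY.pub` would make the private key's label explicit as well. The `>&/dev/null` on the ssh-keygen call discards stderr too, so the `failure` / `exit 1` branch leaves no record of why generation failed; redirecting only stdout (`>/dev/null`) would keep the diagnostic. The `$ECDSA_KEY` expansions are unquoted although /etc/sysconfig/sshd is sourced after the default is assigned and may override it, so `rm -f -- "$ECDSA_KEY"` and quoted uses in the chgrp/chmod lines are the safer form for a script that runs as root.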