From 20a1e40c9770a5691e20117c3049ea4eb51e27de Mon Sep 17 00:00:00 2001
From: Ulrich Dangel <uli@spamt.net>
Date: Wed, 25 May 2011 12:36:58 +0200
Subject: [PATCH] Generate ECDSA key if necessary

---
 etc/init.d/ssh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/etc/init.d/ssh b/etc/init.d/ssh
index 6fdc08d..82af0f1 100755
--- a/etc/init.d/ssh
+++ b/etc/init.d/ssh
@@ -41,6 +41,7 @@ KEYGEN=/usr/bin/ssh-keygen
 RSA1_KEY=/etc/ssh/ssh_host_key
 RSA_KEY=/etc/ssh/ssh_host_rsa_key
 DSA_KEY=/etc/ssh/ssh_host_dsa_key
+ECDSA_KEY=/etc/ssh/ssh_host_ecdsa_key
 
 # Are we running from init?
 run_by_init() {
@@ -108,6 +109,10 @@ case "$1" in
 	   log_action_msg "Generating SSH2 DSA host key..."
 	   $KEYGEN -t dsa -f $DSA_KEY -C '' -N '' || exit 1
 	fi
+	if ! test -f "$ECDSA_KEY" && grep -q "$ECDSA_KEY" /etc/ssh/sshd_config ; then
+	   log_action_msg "Generating SSH2 ECDSA host key..."
+	   $KEYGEN -t ecdsa -f "$ECDSA_KEY" -C '' -N '' || exit 1
+	fi
 
 	log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd"
 	if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
-- 
2.1.4