[openssh] sshd-keygen to generate ECDSA keys <i.grok at comcast.net> (#1019222)
plautrba
plautrba at fedoraproject.org
Wed Oct 23 21:15:00 UTC 2013
commit 1462de5debcdf61d57776486186d1ba289856567
Author: Petr Lautrbach <plautrba at redhat.com>
Date: Wed Oct 23 22:51:32 2013 +0200
sshd-keygen to generate ECDSA keys <i.grok at comcast.net> (#1019222)
sshd-keygen | 23 +++++++++++++++++++++++
1 files changed, 23 insertions(+), 0 deletions(-)
---
diff --git a/sshd-keygen b/sshd-keygen
index 737aa88..012bb64 100644
--- a/sshd-keygen
+++ b/sshd-keygen
@@ -14,6 +14,7 @@ KEYGEN=/usr/bin/ssh-keygen
RSA1_KEY=/etc/ssh/ssh_host_key
RSA_KEY=/etc/ssh/ssh_host_rsa_key
DSA_KEY=/etc/ssh/ssh_host_dsa_key
+ECDSA_KEY=/etc/ssh/ssh_host_ecdsa_key
# pull in sysconfig settings
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
@@ -89,11 +90,33 @@ do_dsa_keygen() {
fi
}
+do_ecdsa_keygen() {
+ if [ ! -s $ECDSA_KEY ]; then
+ echo -n $"Generating SSH2 ECDSA host key: "
+ rm -f $ECDSA_KEY
+ if test ! -f $ECDSA_KEY && $KEYGEN -q -t ecdsa -f $ECDSA_KEY -C '' -N '' >&/dev/null; then
+ chgrp ssh_keys $ECDSA_KEY
+ chmod 600 $ECDSA_KEY
+ chmod 644 $ECDSA_KEY.pub
+ if [ -x /sbin/restorecon ]; then
+ /sbin/restorecon $ECDSA_KEY.pub
+ fi
+ success $"ECDSA key generation"
+ echo
+ else
+ failure $"ECDSA key generation"
+ echo
+ exit 1
+ fi
+ fi
+}
+
# Create keys if necessary
if [ "x${AUTOCREATE_SERVER_KEYS}" != xNO ]; then
do_rsa_keygen
if [ "x${AUTOCREATE_SERVER_KEYS}" != xRSAONLY ]; then
do_rsa1_keygen
do_dsa_keygen
+ do_ecdsa_keygen
fi
fi
More information about the scm-commits
mailing list