From 8679cc51cdd04a5e8e3db32820fc0ccd679aa03c Mon Sep 17 00:00:00 2001
From: Peter Avalos
Date: Sat, 24 Jan 2015 15:10:51 -0800
Subject: [PATCH] rc.d/sshd: Simplify key generation.

ssh-keygen(1) already provides the functionality we were previously trying to do here with its -A flag, except now it will reduce the maintenance burden of having to update this file when there are new key types.
---
 etc/rc.d/sshd | 50 ++------------------------------------------------
 1 file changed, 2 insertions(+), 48 deletions(-)

diff --git a/etc/rc.d/sshd b/etc/rc.d/sshd
index 13f607e5cf..99ab8dfa05 100644
--- a/etc/rc.d/sshd
+++ b/etc/rc.d/sshd
@@ -19,58 +19,12 @@ extra_commands="keygen reload"
 
 sshd_keygen()
 {
- (
- umask 022
-
- # Can't do anything if ssh is not installed
- [ -x /usr/bin/ssh-keygen ] || {
- warn "/usr/bin/ssh-keygen does not exist."
- return 1
- }
-
- if [ -f /etc/ssh/ssh_host_key ]; then
- echo "You already have an RSA host key" \
- "in /etc/ssh/ssh_host_key"
- echo "Skipping protocol version 1 RSA Key Generation"
- else
- /usr/bin/ssh-keygen -t rsa1 -b 1024 \
- -f /etc/ssh/ssh_host_key -N ''
- fi
-
- if [ -f /etc/ssh/ssh_host_dsa_key ]; then
- echo "You already have a DSA host key" \
- "in /etc/ssh/ssh_host_dsa_key"
- echo "Skipping protocol version 2 DSA Key Generation"
- else
- /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
- fi
-
- if [ -f /etc/ssh/ssh_host_ecdsa_key ]; then
- echo "You already have a ECDSA host key" \
- "in /etc/ssh/ssh_host_ecdsa_key"
- echo "Skipping protocol version 2 ECDSA Key Generation"
- else
- /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
- fi
-
- if [ -f /etc/ssh/ssh_host_rsa_key ]; then
- echo "You already have a RSA host key" \
- "in /etc/ssh/ssh_host_rsa_key"
- echo "Skipping protocol version 2 RSA Key Generation"
- else
- /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
- fi
- )
+ /usr/bin/ssh-keygen -A
 }
 
 sshd_precmd()
 {
- if [ ! -f /etc/ssh/ssh_host_key -o \
- ! -f /etc/ssh/ssh_host_dsa_key -o \
- ! -f /etc/ssh/ssh_host_ecdsa_key -o \
- ! -f /etc/ssh/ssh_host_rsa_key ]; then
- run_rc_command keygen
- fi
+ run_rc_command keygen
 }
 
 load_rc_config $name
-- 
2.41.0
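Review bot: The new `sshd_keygen` drops the `[ -x /usr/bin/ssh-keygen ]` guard while `sshd_precmd` now calls `run_rc_command keygen` on every start, so a missing or failing ssh-keygen is reported only by the shell and its exit status becomes the precmd status; how rc.subr reacts to that is not visible in this hunk. I would keep the guard ahead of the call, `[ -x /usr/bin/ssh-keygen ] || { warn "/usr/bin/ssh-keygen does not exist."; return 1; }`, so the failure is explicit in the boot log. The `umask 022` subshell is also gone, which leaves the mode of the generated `.pub` files to whatever umask rc runs under (ssh-keygen is expected to restrict the private key files itself, but that is worth confirming on this platform). The set of host key types is now whatever the installed ssh-keygen creates for `-A`, so older versions may still generate legacy types; a comment such as `# key types are chosen by ssh-keygen -A; restrict what sshd offers via HostKey in sshd_config` above the call would make that dependency explicit.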