From abcbbd1fd7d11549b7c44e301f17a4b9596a04b5 Mon Sep 17 00:00:00 2001
From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Fri, 18 Feb 2011 20:31:19 +0100
Subject: [PATCH] Add ssh ecdsa hostkey.

---
 config/rootfiles/core/47/filelists/files | 2 ++
 config/rootfiles/core/47/update.sh       | 5 +++++
 html/cgi-bin/remote.cgi                  | 3 ++-
 src/initscripts/init.d/sshd              | 1 +
 4 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/config/rootfiles/core/47/filelists/files b/config/rootfiles/core/47/filelists/files
index 1df41d9a76..fee8ee2b06 100644
--- a/config/rootfiles/core/47/filelists/files
+++ b/config/rootfiles/core/47/filelists/files
@@ -1,2 +1,4 @@
 etc/system-release
+etc/rc.d/init.d/sshd
 srv/web/ipfire/cgi-bin/services.cgi
+srv/web/ipfire/cgi-bin/remote.cgi
diff --git a/config/rootfiles/core/47/update.sh b/config/rootfiles/core/47/update.sh
index b67200a70a..ef10f558bb 100644
--- a/config/rootfiles/core/47/update.sh
+++ b/config/rootfiles/core/47/update.sh
@@ -34,6 +34,11 @@ rm -f /var/cache/pakfire/core-upgrade-*.ipfire
 #Extract files
 extract_files
 
+#Generate ssh ecdsa host key if not present
+if [ ! -e /etc/ssh/ssh_host_ecdsa_key ]; then
+   ssh-keygen -qf /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa
+fi
+
 #
 #Start services
 
diff --git a/html/cgi-bin/remote.cgi b/html/cgi-bin/remote.cgi
index 9737b078dd..ed8a94d246 100644
--- a/html/cgi-bin/remote.cgi
+++ b/html/cgi-bin/remote.cgi
@@ -2,7 +2,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007  Michael Tremer & Christian Schmidt                      #
+# Copyright (C) 2007-2011  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -180,6 +180,7 @@ END
 &viewkey("/etc/ssh/ssh_host_key.pub","RSA1");
 &viewkey("/etc/ssh/ssh_host_rsa_key.pub","RSA2");
 &viewkey("/etc/ssh/ssh_host_dsa_key.pub","DSA");
+&viewkey("/etc/ssh/ssh_host_ecdsa_key.pub","ECDSA");
 
 print "</table>\n";
 
diff --git a/src/initscripts/init.d/sshd b/src/initscripts/init.d/sshd
index 1bd23460a8..e99e694056 100644
--- a/src/initscripts/init.d/sshd
+++ b/src/initscripts/init.d/sshd
@@ -17,6 +17,7 @@ case "$1" in
        ssh-keygen -qf /etc/ssh/ssh_host_rsa_key -N ''
        ssh-keygen -qf /etc/ssh/ssh_host_key -N '' -t rsa1
        ssh-keygen -qf /etc/ssh/ssh_host_dsa_key -N '' -t dsa
+       ssh-keygen -qf /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa
     fi
 
         [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled
-- 
2.39.2