openssh: Validate keys and regenerate if needed.

Imitate dropbear init.d-script and make sure we don't end up with corrupt keys. This can happen if we use a caching filesystem, like 'ubifs', and the DUT is powered off during boot-up. Signed-off-by: Markus Gothe <markus.gothe@genexis.eu>
2025-12-21 17:04:32 +04:00 · 2025-01-15 18:54:29 +01:00
parent 3ac8092a39
commit 69c29a5b26
1 changed files with 7 additions and 0 deletions
--- a/net/openssh/files/sshd.init
+++ b/net/openssh/files/sshd.init
@@ -12,6 +12,13 @@ start_service() {
 	do
 		# check for keys
 		key=/etc/ssh/ssh_host_${type}_key
+		[ -f $key ] && {
+			[ -x /usr/bin/ssh-keygen ] && {
+				if ! /usr/bin/ssh-keygen -y -f $key > /dev/null 2>&1; then
+					rm -rf $key
+				fi
+			}
+		}
 		[ ! -f $key ] && {
 			# generate missing keys
 			[ -x /usr/bin/ssh-keygen ] && {