Generate ED25519 host keys on fresh installations.

Upgraders who wish to add such host keys should manually add 'HostKey
/etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run 'ssh-keygen
-q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'.

1 files changed, 4 insertions, 0 deletions

diff --git a/debian/openssh-server.postinst b/debian/openssh-server.postinst
index 54dbe13a2..91c757db5 100644
--- a/debian/openssh-server.postinst
+++ b/debian/openssh-server.postinst
@@ -84,6 +84,7 @@ host_keys_required() {
                         echo /etc/ssh/ssh_host_rsa_key
                         echo /etc/ssh/ssh_host_dsa_key
                         echo /etc/ssh/ssh_host_ecdsa_key
+                        echo /etc/ssh/ssh_host_ed25519_key
                 fi
         fi
 }
@@ -121,6 +122,8 @@ create_keys() {
                 "$hostkeys" /etc/ssh/ssh_host_dsa_key -t dsa
         create_key "Creating SSH2 ECDSA key; this may take some time ..." \
                 "$hostkeys" /etc/ssh/ssh_host_ecdsa_key -t ecdsa
+        create_key "Creating SSH2 ED25519 key; this may take some time ..." \
+                "$hostkeys" /etc/ssh/ssh_host_ed25519_key -t ed25519
 }
 
 
@@ -176,6 +179,7 @@ Protocol 2
 HostKey /etc/ssh/ssh_host_rsa_key
 HostKey /etc/ssh/ssh_host_dsa_key
 HostKey /etc/ssh/ssh_host_ecdsa_key
+HostKey /etc/ssh/ssh_host_ed25519_key
 #Privilege Separation is turned on for security
 UsePrivilegeSeparation yes