4 files changed, 25 insertions, 100 deletions

diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index 23657eacd..2b927f177 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -84,24 +84,24 @@ Obsoletes: ssh
 %if %{build6x}
 PreReq: initscripts >= 5.00
 %else
-PreReq: initscripts >= 5.20
+Requires: initscripts >= 5.20
 %endif
-BuildPreReq: perl, openssl-devel, tcp_wrappers
-BuildPreReq: /bin/login
+BuildRequires: perl, openssl-devel, tcp_wrappers
+BuildRequires: /bin/login
 %if ! %{build6x}
 BuildPreReq: glibc-devel, pam
 %else
-BuildPreReq: /usr/include/security/pam_appl.h
+BuildRequires: /usr/include/security/pam_appl.h
 %endif
 %if ! %{no_x11_askpass}
-BuildPreReq: /usr/include/X11/Xlib.h
+BuildRequires: /usr/include/X11/Xlib.h
 %endif
 %if ! %{no_gnome_askpass}
-BuildPreReq: pkgconfig
+BuildRequires: pkgconfig
 %endif
 %if %{kerberos5}
-BuildPreReq: krb5-devel
-BuildPreReq: krb5-libs
+BuildRequires: krb5-devel
+BuildRequires: krb5-libs
 %endif
 
 %package clients
@@ -114,7 +114,7 @@ Obsoletes: ssh-clients
 Summary: The OpenSSH server daemon.
 Group: System Environment/Daemons
 Obsoletes: ssh-server
-PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9
+Requires: openssh = %{version}-%{release}, chkconfig >= 0.9
 %if ! %{build6x}
 Requires: /etc/pam.d/system-auth
 %endif
@@ -712,7 +712,7 @@ fi
   it generates.
 
 * Thu Oct  5 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Add BuildPreReq on /usr/include/security/pam_appl.h to be sure we always
+- Add BuildRequires on /usr/include/security/pam_appl.h to be sure we always
   build PAM authentication in.
 - Try setting SSH_ASKPASS if gnome-ssh-askpass is installed.
 - Clean out no-longer-used patches.
@@ -721,7 +721,7 @@ fi
 
 * Mon Oct  2 2000 Nalin Dahyabhai <nalin@redhat.com>
 - Update x11-askpass to 1.0.2. (#17835)
-- Add BuildPreReqs for /bin/login and /usr/bin/rsh so that configure will
+- Add BuildRequiress for /bin/login and /usr/bin/rsh so that configure will
   always find them in the right place. (#17909)
 - Set the default path to be the same as the one supplied by /bin/login, but
   add /usr/X11R6/bin. (#17909)
diff --git a/contrib/redhat/sshd.init b/contrib/redhat/sshd.init
index 854aff665..2334d8142 100755
--- a/contrib/redhat/sshd.init
+++ b/contrib/redhat/sshd.init
@@ -22,70 +22,9 @@ RETVAL=0
 prog="sshd"
 
 # Some functions to make the below more readable
-KEYGEN=/usr/bin/ssh-keygen
 SSHD=/usr/sbin/sshd
-RSA1_KEY=/etc/ssh/ssh_host_key
-RSA_KEY=/etc/ssh/ssh_host_rsa_key
-DSA_KEY=/etc/ssh/ssh_host_dsa_key
 PID_FILE=/var/run/sshd.pid
 
-do_rsa1_keygen() {
-        if [ ! -s $RSA1_KEY ]; then
-                echo -n $"Generating SSH1 RSA host key: "
-                if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
-                        chmod 600 $RSA1_KEY
-                        chmod 644 $RSA1_KEY.pub
-                        if [ -x /sbin/restorecon ]; then
-                            /sbin/restorecon $RSA1_KEY.pub
-                        fi
-                        success $"RSA1 key generation"
-                        echo
-                else
-                        failure $"RSA1 key generation"
-                        echo
-                        exit 1
-                fi
-        fi
-}
-
-do_rsa_keygen() {
-        if [ ! -s $RSA_KEY ]; then
-                echo -n $"Generating SSH2 RSA host key: "
-                if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
-                        chmod 600 $RSA_KEY
-                        chmod 644 $RSA_KEY.pub
-                        if [ -x /sbin/restorecon ]; then
-                            /sbin/restorecon $RSA_KEY.pub
-                        fi
-                        success $"RSA key generation"
-                        echo
-                else
-                        failure $"RSA key generation"
-                        echo
-                        exit 1
-                fi
-        fi
-}
-
-do_dsa_keygen() {
-        if [ ! -s $DSA_KEY ]; then
-                echo -n $"Generating SSH2 DSA host key: "
-                if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
-                        chmod 600 $DSA_KEY
-                        chmod 644 $DSA_KEY.pub
-                        if [ -x /sbin/restorecon ]; then
-                            /sbin/restorecon $DSA_KEY.pub
-                        fi
-                        success $"DSA key generation"
-                        echo
-                else
-                        failure $"DSA key generation"
-                        echo
-                        exit 1
-                fi
-        fi
-}
-
 do_restart_sanity_check()
 {
         $SSHD -t
@@ -99,9 +38,13 @@ do_restart_sanity_check()
 start()
 {
         # Create keys if necessary
-        do_rsa1_keygen
-        do_rsa_keygen
-        do_dsa_keygen
+        /usr/bin/ssh-keygen -A
+        if [ -x /sbin/restorecon ]; then
+                /sbin/restorcon /etc/ssh/ssh_host_key.pub
+                /sbin/restorcon /etc/ssh/ssh_host_rsa_key.pub
+                /sbin/restorcon /etc/ssh/ssh_host_dsa_key.pub
+                /sbin/restorcon /etc/ssh/ssh_host_ecdsa_key.pub
+        fi
 
         echo -n $"Starting $prog:"
         $SSHD $OPTIONS && success || failure
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index db0c127bd..4621f548c 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -28,11 +28,12 @@ Provides:	ssh
 # (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)
 # building prerequisites -- stuff for
 #   OpenSSL (openssl-devel),
-#   TCP Wrappers (nkitb),
+#   TCP Wrappers (tcpd-devel),
 #   and Gnome (glibdev, gtkdev, and gnlibsd)
 #
 BuildPrereq:    openssl
-BuildPrereq:    nkitb
+BuildPrereq:    tcpd-devel
+BuildPrereq:    zlib-devel
 #BuildPrereq:   glibdev
 #BuildPrereq:   gtkdev
 #BuildPrereq:   gnlibsd
@@ -177,15 +178,8 @@ rm -rf $RPM_BUILD_ROOT
 /usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || :
 
 %post
-if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
-        echo "Generating SSH RSA host key..."
-        /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
-fi
-if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
-        echo "Generating SSH DSA host key..."
-        /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
-fi
-%{fillup_and_insserv -n -s -y ssh sshd START_SSHD}
+/usr/bin/ssh-keygen -A
+%{fillup_and_insserv -n -y ssh sshd}
 %run_permissions
 
 %verifyscript
diff --git a/contrib/suse/rc.sshd b/contrib/suse/rc.sshd
index 4d4880d7e..4a3bc41db 100644
--- a/contrib/suse/rc.sshd
+++ b/contrib/suse/rc.sshd
@@ -43,20 +43,8 @@ rc_reset
 
 case "$1" in
     start)
-        if ! test -f /etc/ssh/ssh_host_key ; then
-            echo Generating /etc/ssh/ssh_host_key.
-            ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N ''
-        fi
-        if ! test -f /etc/ssh/ssh_host_dsa_key ; then
-            echo Generating /etc/ssh/ssh_host_dsa_key.
-            
-            ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
-        fi
-        if ! test -f /etc/ssh/ssh_host_rsa_key ; then
-            echo Generating /etc/ssh/ssh_host_rsa_key.
-            
-            ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
-        fi
+        # Generate any missing host keys
+        ssh-keygen -A
         echo -n "Starting SSH daemon"
         ## Start daemon with startproc(8). If this fails
         ## the echo return value is set appropriate.