From 65cf280be1e953cd61224d3d8494dc8ea82926ca Mon Sep 17 00:00:00 2001
From: Jeremy Chadwick <jdc@koitsu.org>
Date: Wed, 21 Dec 2016 14:30:55 -0800
Subject: [PATCH] Add generation/use of ECDSA keys for SSH/Dropbear

---
 release/src/router/nvram/defaults.c | 1 +
 release/src/router/rc/telssh.c      | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/release/src/router/nvram/defaults.c b/release/src/router/nvram/defaults.c
index d241324a0a..66c97afab5 100644
--- a/release/src/router/nvram/defaults.c
+++ b/release/src/router/nvram/defaults.c
@@ -602,6 +602,7 @@ const defaults_t defaults[] = {
 	{ "sshd_authkeys",		""				},
 	{ "sshd_hostkey",		""				},
 	{ "sshd_dsskey",		""				},
+	{ "sshd_ecdsakey",		""				},
 	{ "sshd_forwarding",		"1"				},
 	{ "rmgt_sip",			""				},	// remote management: source ip address
 
diff --git a/release/src/router/rc/telssh.c b/release/src/router/rc/telssh.c
index 398c15464e..e5e010ce5b 100644
--- a/release/src/router/rc/telssh.c
+++ b/release/src/router/rc/telssh.c
@@ -117,8 +117,9 @@ void start_sshd(void)
 
 	f_write_string("/root/.ssh/authorized_keys", nvram_safe_get("sshd_authkeys"), 0, 0700);
 
-	dirty |= check_host_key("rsa", "sshd_hostkey", "/etc/dropbear/dropbear_rsa_host_key");
-	dirty |= check_host_key("dss", "sshd_dsskey",  "/etc/dropbear/dropbear_dss_host_key");
+	dirty |= check_host_key("rsa",   "sshd_hostkey",  "/etc/dropbear/dropbear_rsa_host_key");
+	dirty |= check_host_key("dss",   "sshd_dsskey",   "/etc/dropbear/dropbear_dss_host_key");
+	dirty |= check_host_key("ecdsa", "sshd_ecdsakey", "/etc/dropbear/dropbear_ecdsa_host_key");
 	if (dirty)
 		nvram_commit_x();
 
-- 
2.11.4.GIT