Keys with type sk-* make no sense as host keys, so they should be

disabled
2025-06-26 18:17:32 +00:00 · 2022-01-17 18:33:24 +03:00
parent 2ad020ff30
commit 712d529164
1 changed files with 6 additions and 0 deletions
--- a/svr-runopts.c
+++ b/svr-runopts.c
@@ -668,6 +668,12 @@ void load_all_hostkeys() {
 		any_keys = 1;
 	}
 #endif
+#if DROPBEAR_SK_ECDSA
+	disablekey(DROPBEAR_SIGNKEY_SK_ECDSA);
+#endif 
+#if DROPBEAR_SK_ED25519
+	disablekey(DROPBEAR_SIGNKEY_SK_ED25519);
+#endif

 	if (!any_keys) {
 		dropbear_exit("No hostkeys available. 'dropbear -R' may be useful or run dropbearkey.");