From 712d529164e0cf6bd497e337dd10684385dcb4b9 Mon Sep 17 00:00:00 2001
From: Egor Duda <egor.duda@gmail.com>
Date: Mon, 17 Jan 2022 18:33:24 +0300
Subject: [PATCH] Keys with type sk-* make no sense as host keys, so they
 should be disabled

---
 svr-runopts.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/svr-runopts.c b/svr-runopts.c
index 02ec2d4..38d6681 100644
--- a/svr-runopts.c
+++ b/svr-runopts.c
@@ -668,6 +668,12 @@ void load_all_hostkeys() {
 		any_keys = 1;
 	}
 #endif
+#if DROPBEAR_SK_ECDSA
+	disablekey(DROPBEAR_SIGNKEY_SK_ECDSA);
+#endif 
+#if DROPBEAR_SK_ED25519
+	disablekey(DROPBEAR_SIGNKEY_SK_ED25519);
+#endif
 
 	if (!any_keys) {
 		dropbear_exit("No hostkeys available. 'dropbear -R' may be useful or run dropbearkey.");