From f972813ecdc7bb981d25b5a63638bd158f1c8e72 Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Sun, 23 Jan 2022 17:29:39 +0800
Subject: [PATCH] Don't include sk keys at all in KEX list

---
 common-algo.c | 6 ------
 svr-runopts.c | 6 ------
 2 files changed, 12 deletions(-)

diff --git a/common-algo.c b/common-algo.c
index 2d27893..f3961c2 100644
--- a/common-algo.c
+++ b/common-algo.c
@@ -239,9 +239,6 @@ algo_type ssh_nocompress[] = {
 algo_type sigalgs[] = {
 #if DROPBEAR_ED25519
 	{"ssh-ed25519", DROPBEAR_SIGNATURE_ED25519, NULL, 1, NULL},
-#if DROPBEAR_SK_ED25519
-	{"sk-ssh-ed25519@openssh.com", DROPBEAR_SIGNATURE_SK_ED25519, NULL, 1, NULL},
-#endif
 #endif
 #if DROPBEAR_ECDSA
 #if DROPBEAR_ECC_256
@@ -253,9 +250,6 @@ algo_type sigalgs[] = {
 #if DROPBEAR_ECC_521
 	{"ecdsa-sha2-nistp521", DROPBEAR_SIGNATURE_ECDSA_NISTP521, NULL, 1, NULL},
 #endif
-#if DROPBEAR_SK_ECDSA
-	{"sk-ecdsa-sha2-nistp256@openssh.com", DROPBEAR_SIGNATURE_SK_ECDSA_NISTP256, NULL, 1, NULL},
-#endif
 #endif
 #if DROPBEAR_RSA
 #if DROPBEAR_RSA_SHA256
diff --git a/svr-runopts.c b/svr-runopts.c
index e1ec394..02ec2d4 100644
--- a/svr-runopts.c
+++ b/svr-runopts.c
@@ -668,12 +668,6 @@ void load_all_hostkeys() {
 		any_keys = 1;
 	}
 #endif
-#if DROPBEAR_SK_ECDSA
-	disablekey(DROPBEAR_SIGNKEY_SK_ECDSA_NISTP256);
-#endif 
-#if DROPBEAR_SK_ED25519
-	disablekey(DROPBEAR_SIGNKEY_SK_ED25519);
-#endif
 
 	if (!any_keys) {
 		dropbear_exit("No hostkeys available. 'dropbear -R' may be useful or run dropbearkey.");