From 69c29a5b26505ca5ee3633b0b6a5463411f2a6d8 Mon Sep 17 00:00:00 2001
From: Markus Gothe <markus.gothe@genexis.eu>
Date: Wed, 15 Jan 2025 18:54:29 +0100
Subject: [PATCH] openssh: Validate keys and regenerate if needed.

Imitate dropbear init.d-script and make sure we
don't end up with corrupt keys.

This can happen if we use a caching filesystem,
like 'ubifs', and the DUT is powered off during
boot-up.

Signed-off-by: Markus Gothe <markus.gothe@genexis.eu>
---
 net/openssh/files/sshd.init | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/net/openssh/files/sshd.init b/net/openssh/files/sshd.init
index 8dce2a1e6c..998b9a5869 100644
--- a/net/openssh/files/sshd.init
+++ b/net/openssh/files/sshd.init
@@ -12,6 +12,13 @@ start_service() {
 	do
 		# check for keys
 		key=/etc/ssh/ssh_host_${type}_key
+		[ -f $key ] && {
+			[ -x /usr/bin/ssh-keygen ] && {
+				if ! /usr/bin/ssh-keygen -y -f $key > /dev/null 2>&1; then
+					rm -rf $key
+				fi
+			}
+		}
 		[ ! -f $key ] && {
 			# generate missing keys
 			[ -x /usr/bin/ssh-keygen ] && {
-- 
2.30.2