From: Peter Palfrader <peter@palfrader.org>
Date: Sun, 7 Dec 2014 09:33:53 +0000 (+0100)
Subject: Create ssh ed25519 hostkeys on jessie
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=2962d317313499eb88e8496fa672bf217f1bca2f;p=mirror%2Fdsa-puppet.git

Create ssh ed25519 hostkeys on jessie
---

diff --git a/modules/debian-org/lib/facter/paths.rb b/modules/debian-org/lib/facter/paths.rb
index 6e991f0ab..e48fb600f 100644
--- a/modules/debian-org/lib/facter/paths.rb
+++ b/modules/debian-org/lib/facter/paths.rb
@@ -16,3 +16,12 @@ Facter.add("has_srv_buildd") do
 		end
 	end
 end
+Facter.add("has_etc_ssh_ssh_host_ed25519_key") do
+	setcode do
+		if FileTest.exist?("/etc/ssh/ssh_host_ed25519_key")
+			true
+		else
+			''
+		end
+	end
+end
diff --git a/modules/ssh/manifests/init.pp b/modules/ssh/manifests/init.pp
index 0824f0f89..db6130199 100644
--- a/modules/ssh/manifests/init.pp
+++ b/modules/ssh/manifests/init.pp
@@ -36,4 +36,13 @@ class ssh {
 	file { '/etc/ssh/userkeys/root':
 		content => template('ssh/authorized_keys.erb'),
 	}
+
+	if ($::lsbmajdistrelease >= 8) {
+		if ! $has_etc_ssh_ssh_host_ed25519_key {
+			exec { 'create-ed25519-host-key':
+				command => 'ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -q -P "" -t ed25519',
+				onlyif  => '! [ -e /etc/ssh/ssh_host_ed25519_key ]'
+			}
+		}
+	}
 }