#!/bin/sh

# Get service config
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd

# generate new key with empty password if it does not exist
ssh_gen_key() {
	local type="$1" keyfile="$2"

	test -s $keyfile && return

	/usr/bin/ssh-keygen -t $type -f $keyfile -N '' >&2
	chmod 600 $keyfile
	[ ! -x /sbin/restorecon ] || /sbin/restorecon $keyfile
}

# generate new keys with empty passwords if they do not exist
ssh_gen_key ed25519 /etc/ssh/ssh_host_ed25519_key
ssh_gen_key rsa /etc/ssh/ssh_host_rsa_key
