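#!/bin/sh
### BEGIN INIT INFO
# Provides:          generate-ssh-hostkeys
# Required-Start:    $local_fs
# Required-Stop:
# Should-Start:
# Should-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:
# Description:       Generate ssh host keys if they do not exist
### END INIT INFO

# Generates any missing SSH host key (RSA, ECDSA, Ed25519) under /etc/ssh
# and then logs the fingerprints of all three public keys through logger.
# Does nothing when all three private key files already exist.
#
# Exit status: 0 when every missing key was generated (or none was missing),
# 1 when at least one ssh-keygen invocation failed.

# Script name, used as the syslog tag. Parameter expansion avoids running
# basename on an unquoted $0.
prog=${0##*/}

key_dir="/etc/ssh"
# Generation and reporting order; the names double as the ssh-keygen -t value
# and as the middle part of the file name ssh_host_<type>_key.
key_types="rsa ecdsa ed25519"

# Send stdin to syslog, tagged with the script name.
log() {
  logger -t "$prog"
}

# Exit if the hostkeys already exist
missing=0
for type in $key_types; do
  [ -f "$key_dir/ssh_host_${type}_key" ] || missing=1
done
if [ "$missing" -eq 0 ]; then
  exit 0
fi

# Generate the ssh host keys.
# -N '' leaves the private key without a passphrase, so its protection rests
# on file permissions alone. No -b is given, so key sizes are whatever the
# installed ssh-keygen defaults to; pin them with -b if policy requires.
status=0
for type in $key_types; do
  key="$key_dir/ssh_host_${type}_key"
  if [ -f "$key" ]; then
    continue
  fi
  if ! ssh-keygen -f "$key" -t "$type" -C 'host' -N ''; then
    # Record the failure instead of silently booting without this host key.
    echo "failed to generate $type host key at $key" | log
    status=1
  fi
done

# Log the public key fingerprints (not the keys themselves) through logger.
# The intent is that an operator can verify the host key on first connect by
# reading the console log over a trusted channel.
# NOTE(review): logger writes to syslog; whether these lines reach the console
# depends on the syslog configuration of the image - confirm.
echo "-----BEGIN SSH HOST KEY FINGERPRINTS-----" | log
for type in $key_types; do
  # A missing .pub file produces no log line; ssh-keygen reports it on stderr.
  ssh-keygen -l -f "$key_dir/ssh_host_${type}_key.pub" | log
done
echo "------END SSH HOST KEY FINGERPRINTS------" | log

exit "$status"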