From 79226e5413c5b0fda3511351a8511ff457e306d8 Mon Sep 17 00:00:00 2001
From: Darren Tucker
Date: Fri, 1 Dec 2017 16:55:35 +1100
Subject: [PATCH] Remove RSA1 host key generation.

SSH1 support is now gone, remove SSH1 key generation. Patch from eb at emlix.com.
---
 Makefile.in | 3 ---
 contrib/redhat/sshd.init | 1 -
 contrib/redhat/sshd.init.old | 17 -----------------
 opensshd.init.in | 4 ----
 4 files changed, 25 deletions(-)

diff --git a/Makefile.in b/Makefile.in
index c52ce191f..2f6f9818e 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -375,9 +375,6 @@ host-key: ssh-keygen$(EXEEXT)
 fi
 host-key-force: ssh-keygen$(EXEEXT) ssh$(EXEEXT)
- if ./ssh -Q protocol-version | grep '^1$$' >/dev/null; then \
- ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N ""; \
- fi
 ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N ""
 ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N ""
 ./ssh-keygen -t ed25519 -f $(DESTDIR)$(sysconfdir)/ssh_host_ed25519_key -N ""
diff --git a/contrib/redhat/sshd.init b/contrib/redhat/sshd.init
index 40c8dfd9f..8ee5fcd3b 100755
--- a/contrib/redhat/sshd.init
+++ b/contrib/redhat/sshd.init
@@ -40,7 +40,6 @@ start()
 # Create keys if necessary
 /usr/bin/ssh-keygen -A
 if [ -x /sbin/restorecon ]; then
- /sbin/restorecon /etc/ssh/ssh_host_key.pub
 /sbin/restorecon /etc/ssh/ssh_host_rsa_key.pub
 /sbin/restorecon /etc/ssh/ssh_host_dsa_key.pub
 /sbin/restorecon /etc/ssh/ssh_host_ecdsa_key.pub
diff --git a/contrib/redhat/sshd.init.old b/contrib/redhat/sshd.init.old
index 0deb6080e..8a30f7da4 100755
--- a/contrib/redhat/sshd.init.old
+++ b/contrib/redhat/sshd.init.old
@@ -24,7 +24,6 @@ prog="sshd"
 # Some functions to make the below more readable
 KEYGEN=/usr/bin/ssh-keygen
 SSHD=/usr/sbin/sshd
-RSA1_KEY=/etc/ssh/ssh_host_key
 RSA_KEY=/etc/ssh/ssh_host_rsa_key
 DSA_KEY=/etc/ssh/ssh_host_dsa_key
 PID_FILE=/var/run/sshd.pid
@@ -61,21 +60,6 @@ my_failure() {
 ;;
 esac
 }
-do_rsa1_keygen() {
- if [ ! -s $RSA1_KEY ]; then
- echo -n "Generating SSH1 RSA host key: "
- if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
- chmod 600 $RSA1_KEY
- chmod 644 $RSA1_KEY.pub
- my_success "RSA1 key generation"
- echo
- else
- my_failure "RSA1 key generation"
- echo
- exit 1
- fi
- fi
-}
 do_rsa_keygen() {
 if [ ! -s $RSA_KEY ]; then
 echo -n "Generating SSH2 RSA host key: "
@@ -119,7 +103,6 @@ do_restart_sanity_check() {
 case "$1" in
 start)
 # Create keys if necessary
- do_rsa1_keygen;
 do_rsa_keygen;
 do_dsa_keygen;
diff --git a/opensshd.init.in b/opensshd.init.in
index 3908566b7..99e5a51ab 100755
--- a/opensshd.init.in
+++ b/opensshd.init.in
@@ -17,7 +17,6 @@ PIDFILE=$piddir/sshd.pid
 PidFile=`grep "^PidFile" ${sysconfdir}/sshd_config | tr "=" " " | awk '{print $2}'`
 [ X$PidFile = X ] || PIDFILE=$PidFile
 SSH_KEYGEN=$prefix/bin/ssh-keygen
-HOST_KEY_RSA1=$sysconfdir/ssh_host_key
 HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key
 HOST_KEY_RSA=$sysconfdir/ssh_host_rsa_key
 @COMMENT_OUT_ECC@HOST_KEY_ECDSA=$sysconfdir/ssh_host_ecdsa_key
@@ -25,9 +24,6 @@ HOST_KEY_ED25519=$sysconfdir/ssh_host_ed25519_key
 checkkeys() {
-@COMMENT_OUT_RSA1@ if [ ! -f $HOST_KEY_RSA1 ]; then
-@COMMENT_OUT_RSA1@ ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N ""
-@COMMENT_OUT_RSA1@ fi
 if [ ! -f $HOST_KEY_DSA ]; then
 ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N ""
 fi