From 33f21a097637f9b1d84e8ad694ebc882240870a1 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Mon, 15 Dec 2014 07:00:17 +0100 Subject: [PATCH 1/2] Add support for ED25519 host keys --- openssh/config.sls | 2 +- pillar.example | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/openssh/config.sls b/openssh/config.sls index 2f3a29e..66c3625 100644 --- a/openssh/config.sls +++ b/openssh/config.sls @@ -13,7 +13,7 @@ sshd_config: - watch_in: - service: openssh -{% for keyType in ['ecdsa', 'dsa', 'rsa'] %} +{% for keyType in ['ecdsa', 'dsa', 'rsa', 'ed25519'] %} {% if salt['pillar.get']('openssh:generate_' ~ keyType ~ '_keys', False) %} ssh_generate_host_{{ keyType }}_key: cmd.run: diff --git a/pillar.example b/pillar.example index 70ec760..bf82fe9 100644 --- a/pillar.example +++ b/pillar.example @@ -78,3 +78,13 @@ openssh: -----END RSA PRIVATE KEY----- public_key: | ssh-rsa NOT_DEFINED + + generate_ed25519_keys: False + provide_ed25519_keys: False + ed25519: + private_key: | + -----BEGIN OPENSSH PRIVATE KEY----- + NOT_DEFINED + -----END OPENSSH PRIVATE KEY----- + public_key: | + ssh-ed25519 NOT_DEFINED From 5d0f69ad2c461ab0068535dbd56f14d0103e3016 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Mon, 15 Dec 2014 07:00:45 +0100 Subject: [PATCH 2/2] Cleanups for host key pillar example --- openssh/config.sls | 2 +- pillar.example | 13 ++++++++----- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/openssh/config.sls b/openssh/config.sls index 66c3625..13c3e96 100644 --- a/openssh/config.sls +++ b/openssh/config.sls @@ -40,4 +40,4 @@ ssh_host_{{ keyType }}_key.pub: - require_in: - service: {{ openssh.service }} {% endif %} -{% endfor %} \ No newline at end of file +{% endfor %} diff --git a/pillar.example b/pillar.example index bf82fe9..c6c6694 100644 --- a/pillar.example +++ b/pillar.example 
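Review bot: The widened list in `{% for keyType in ['ecdsa', 'dsa', 'rsa', 'ed25519'] %}` carries no note that ed25519 host keys need OpenSSH 6.5 or newer. A minion with an older ssh-keygen will presumably fail the generate state once `openssh:generate_ed25519_keys` is enabled. The visible `pillar.get` defaults the toggle to False, so nothing changes until someone opts in, but a one-line Jinja comment above the loop would record the requirement: `{# ed25519 needs OpenSSH >= 6.5; leave generate_ed25519_keys False on older minions #}`. The `cmd.run` body and the sshd_config template are outside this hunk, so it is worth confirming that the template also serves the new key if it lists `HostKey` lines explicitly.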
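Review bot: The new `ed25519:` example places `private_key` in pillar with no comment about how that value should be scoped or stored. A host private key in pillar is readable by every minion the pillar is targeted at, and reusing one key across hosts makes their SSH identities indistinguishable. I would add a comment above the block such as `# private_key is a secret: target this pillar only at the minion that owns the key and keep it encrypted at rest (e.g. with the gpg renderer)`. The same caveat applies to the existing dsa, ecdsa and rsa blocks, which lie mostly outside this hunk.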
@@ -51,6 +51,9 @@ openssh: present: False enc: ssh-rsa comment: obsolete key - removed + + generate_dsa_keys: False + provide_dsa_keys: False dsa: private_key: | -----BEGIN DSA PRIVATE KEY----- @@ -58,6 +61,9 @@ openssh: -----END DSA PRIVATE KEY----- public_key: | ssh-dss NOT_DEFINED + + generate_ecdsa_keys: False + provide_ecdsa_keys: False ecdsa: private_key: | -----BEGIN EC PRIVATE KEY----- @@ -65,12 +71,9 @@ openssh: -----END EC PRIVATE KEY----- public_key: | ecdsa-sha2-nistp256 NOT_DEFINED - provide_dsa_keys: False - provide_ecdsa_keys: False - provide_rsa_keys: False - generate_dsa_keys: False - generate_ecdsa_keys: False + generate_rsa_keys: False + provide_rsa_keys: False rsa: private_key: | -----BEGIN RSA PRIVATE KEY-----