From 6fb57f40bcb65826d6f803f6ff05bdd0eebbd791 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Sun, 24 Aug 2014 16:08:41 +0100
Subject: [PATCH] Config: Add support for generating keys
---
 openssh/config.sls | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/openssh/config.sls b/openssh/config.sls
index 3cf3376..2f3a29e 100644
--- a/openssh/config.sls
+++ b/openssh/config.sls
@@ -14,7 +14,14 @@ sshd_config:
 - service: openssh
 {% for keyType in ['ecdsa', 'dsa', 'rsa'] %}
-{% if salt['pillar.get']('openssh:provide_' ~ keyType ~ '_keys', False) %}
+{% if salt['pillar.get']('openssh:generate_' ~ keyType ~ '_keys', False) %}
+ssh_generate_host_{{ keyType }}_key:
+ cmd.run:
+ - name: ssh-keygen -t {{ keyType }} -N '' -f /etc/ssh/ssh_host_{{ keyType }}_key
+ - creates: /etc/ssh/ssh_host_{{ keyType }}_key
+ - user: root
+
+{% elif salt['pillar.get']('openssh:provide_' ~ keyType ~ '_keys', False) %}
 ssh_host_{{ keyType }}_key:
 file.managed:
 - name: /etc/ssh/ssh_host_{{ keyType }}_key
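Review bot: The added `cmd.run` calls `ssh-keygen -t {{ keyType }}` with no `-b`, so the `rsa` host key gets whatever size the installed ssh-keygen defaults to, and `generate_dsa_keys` produces a 1024-bit DSA key, which is too weak for a host key. I would pass an explicit size for RSA (for example `-b 4096`) and leave `dsa` out of the generate branch. `creates:` tests only the private key path, so a host whose `.pub` file is missing is never repaired. The new state also declares no requisite on the `openssh` service, so a running sshd may keep serving without the new key until it is restarted; the `file.managed` branch and the closing `{% endif %}`/`{% endfor %}` lie outside the hunk, so how the provided-key path handles this is not visible here.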