How about if I key off whether GSSAPIKeyExchange is set?
E.g. extend host_keys_required like so:
hostkeys="$(get_config_option HostKey)"
if [ "$hostkeys" ]; then
echo "$hostkeys"
else
if [ "$(get_config_option GSSAPIKeyExchange)" != "yes" ]
then
# No HostKey directives at all, so the server picks some
# defaults depending on the setting of Protocol.
[...]
fi
fi
So, if the user has HostKeys set, those will be generated if they do not exist. If no HostKeys are set, and GSSAPIKeyExchange is set, we don't generate keys the user does not want. Will that make everyone happy?
How about if I key off whether GSSAPIKeyExchange is set?
E.g. extend host_keys_required like so:
hostkeys= "$(get_ config_ option HostKey)" config_ option GSSAPIKeyExchange)" != "yes" ]
if [ "$hostkeys" ]; then
echo "$hostkeys"
else
if [ "$(get_
then
# No HostKey directives at all, so the server picks some
# defaults depending on the setting of Protocol.
[...]
fi
fi
So, if the user has HostKeys set, those will be generated if they do not exist. If no HostKeys are set, and GSSAPIKeyExchange is set, we don't generate keys the user does not want. Will that make everyone happy?