From dbe2d3f1ca30d19ca124264a54a084f03c33e3c8 Mon Sep 17 00:00:00 2001
From: djm <djm@openbsd.org>
Date: Thu, 28 May 2015 04:40:13 +0000
Subject: [PATCH] make ssh-keygen default to ed25519 keys when compiled without
 OpenSSL; bz#2388, ok dtucker@

---
 usr.bin/ssh/ssh-keygen.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c
index 1ae75c17520..c4e466c2240 100644
--- a/usr.bin/ssh/ssh-keygen.c
+++ b/usr.bin/ssh/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.272 2015/05/21 12:01:19 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.273 2015/05/28 04:40:13 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -52,6 +52,12 @@
 #include "ssh-pkcs11.h"
 #endif
 
+#ifdef WITH_OPENSSL
+# define DEFAULT_KEY_TYPE_NAME "rsa"
+#else
+# define DEFAULT_KEY_TYPE_NAME "ed25519"
+#endif
+
 /* Number of bits in the RSA/DSA key.  This value can be set on the command line. */
 #define DEFAULT_BITS		2048
 #define DEFAULT_BITS_DSA	1024
@@ -2561,7 +2567,7 @@ main(int argc, char **argv)
 	}
 
 	if (key_type_name == NULL)
-		key_type_name = "rsa";
+		key_type_name = DEFAULT_KEY_TYPE_NAME;
 
 	type = sshkey_type_from_name(key_type_name);
 	type_bits_valid(type, key_type_name, &bits);
-- 
2.20.1