===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/etc/rc,v
retrieving revision 1.559
retrieving revision 1.560
diff -c -r1.559 -r1.560
*** src/etc/rc	2022/06/28 18:46:01	1.559
--- src/etc/rc	2022/07/11 18:19:47	1.560
***************
*** 1,4 ****
! #	$OpenBSD: rc,v 1.559 2022/06/28 18:46:01 claudio Exp $
  
  # System startup script run by init on autoboot or after single-user.
  # Output and error are redirected to console by init, and the console is the
--- 1,4 ----
! #	$OpenBSD: rc,v 1.560 2022/07/11 18:19:47 tobhe Exp $
  
  # System startup script run by init on autoboot or after single-user.
  # Output and error are redirected to console by init, and the console is the
***************
*** 139,145 ****
  	local _iked_pub=/etc/iked/local.pub
  
  	if [[ ! -f $_isakmpd_key ]]; then
! 		echo -n "openssl: generating isakmpd/iked RSA keys... "
  		if openssl genrsa -out $_isakmpd_key 2048 >/dev/null 2>&1 &&
  			chmod 600 $_isakmpd_key &&
  			openssl rsa -out $_isakmpd_pub -in $_isakmpd_key \
--- 139,145 ----
  	local _iked_pub=/etc/iked/local.pub
  
  	if [[ ! -f $_isakmpd_key ]]; then
! 		echo -n "openssl: generating isakmpd RSA keys... "
  		if openssl genrsa -out $_isakmpd_key 2048 >/dev/null 2>&1 &&
  			chmod 600 $_isakmpd_key &&
  			openssl rsa -out $_isakmpd_pub -in $_isakmpd_key \
***************
*** 151,160 ****
  	fi
  
  	if [[ ! -f $_iked_key ]]; then
! 		# Just copy the generated isakmpd key
! 		cp $_isakmpd_key $_iked_key
! 		chmod 600 $_iked_key
! 		cp $_isakmpd_pub $_iked_pub
  	fi
  
  	ssh-keygen -A
--- 151,165 ----
  	fi
  
  	if [[ ! -f $_iked_key ]]; then
! 		echo -n "openssl: generating iked ECDSA keys... "
! 		if openssl ecparam -genkey -name prime256v1 -out $_iked_key >/dev/null 2>&1 &&
! 			chmod 600 $_iked_key &&
! 			openssl ec -out $_iked_pub -in $_iked_key \
! 			    -pubout >/dev/null 2>&1; then
! 			echo done.
! 		else
! 			echo failed.
! 		fi
  	fi
  
  	ssh-keygen -A