--- /dev/null
+generate keys in dropbear sysvinit script
+
+buildroot upstream now uses '-R' to get their keys generated
+which is to generate them on the fly. We'd rather they're explicitly
+generated ahead of time so that we can log them.
+Index: buildroot/package/dropbear/S50dropbear
+===================================================================
+--- buildroot.orig/package/dropbear/S50dropbear 2014-09-01 11:20:56.000000000 +0000
++++ buildroot/package/dropbear/S50dropbear 2014-09-16 19:29:54.320096000 +0000
+@@ -6,9 +6,17 @@
+ # Allow a few customizations from a config file
+ test -r /etc/default/dropbear && . /etc/default/dropbear
+
++DROPBEAR_KEYTYPES="rsa dss ecc"
+ start() {
+ DROPBEAR_ARGS="$DROPBEAR_ARGS -R"
+
++ local ktype file
++ for ktype in rsa dss ecdsa; do
++ file="/etc/dropbear/dropbear_${ktype}_host_key"
++ cirros-per instance dropbear-keygen-$ktype -- \
++ dropbearkey -t "$ktype" -f "$file" >/dev/null 2>&1 ||
++ echo "WARN: generating key of type $ktype failed!"
++ done
+ echo -n "Starting dropbear sshd: "
+ umask 077
+ start-stop-daemon -S -q -p /var/run/dropbear.pid \