From 7dead44fcf869d27484641b4271a8def48e39bcf Mon Sep 17 00:00:00 2001
From: Mark Johnston <markj@FreeBSD.org>
Date: Wed, 12 Mar 2025 06:09:58 +0000
Subject: [PATCH] Stop generating DSA SSH keys

They are obsolete and on sufficiently new versions of FreeBSD support
for them is compiled out, resulting in an error from ssh-keygen.
---
 pycheribuild/projects/disk_image.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pycheribuild/projects/disk_image.py b/pycheribuild/projects/disk_image.py
index f00e10794..286a2a25d 100644
--- a/pycheribuild/projects/disk_image.py
+++ b/pycheribuild/projects/disk_image.py
@@ -1034,7 +1034,7 @@ def generate_ssh_host_keys(self):
         # -t type Specifies the type of key to create.  The possible values are "rsa1" for protocol version 1
         #  and "dsa", "ecdsa","ed25519", or "rsa" for protocol version 2.
 
-        for key_type in ("rsa", "dsa", "ecdsa", "ed25519"):
+        for key_type in ("rsa", "ecdsa", "ed25519"):
             # SSH1 protocol uses just /etc/ssh/ssh_host_key without the type
             private_key_name = "ssh_host_key" if key_type == "rsa1" else "ssh_host_" + key_type + "_key"
             private_key = ssh_dir / private_key_name