
sshd: skip host keys with invalid algorithms

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
Nicola Murino 1 年之前
當前提交
904ad2f691
共有 2 個文件被更改,包括 9 次插入2 次删除
  1. 3 1
      internal/sftpd/internal_test.go
  2. 6 1
      internal/sftpd/server.go

+ 3 - 1
internal/sftpd/internal_test.go

@@ -1987,7 +1987,9 @@ func TestLoadHostKeys(t *testing.T) {
 	c.HostKeyAlgorithms = []string{ssh.KeyAlgoRSASHA256}
 	c.HostKeys = []string{ecdsaKeyName}
 	err = c.checkAndLoadHostKeys(configDir, serverConfig)
-	assert.Error(t, err)
+	if assert.Error(t, err) {
+		assert.Contains(t, err.Error(), "server has no host keys")
+	}
 	c.HostKeyAlgorithms = preferredHostKeyAlgos
 	err = c.checkAndLoadHostKeys(configDir, serverConfig)
 	assert.NoError(t, err)
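Review bot: The new `assert.Contains(t, err.Error(), "server has no host keys")` check only covers the case where every configured key is rejected; the visible lines never exercise the skip-and-continue path this commit introduces, where one key is usable and another has invalid algorithms. A case that puts both kinds of key in `c.HostKeys`, then asserts `assert.NoError(t, err)` and the expected length of `serviceStatus.HostKeys`, would pin that a rejected key is never loaded alongside the good one. Matching on the message text is also brittle, so a comment next to the assertion naming where that string is produced would help the next maintainer. TestLoadHostKeys starts and ends outside the hunk, so such a case may already exist elsewhere.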

+ 6 - 1
internal/sftpd/server.go

@@ -1030,7 +1030,9 @@ func (c *Configuration) checkAndLoadHostKeys(configDir string, serverConfig *ssh
 		}
 		mas, err := ssh.NewSignerWithAlgorithms(private.(ssh.AlgorithmSigner), k.Algorithms)
 		if err != nil {
-			return fmt.Errorf("could not create signer for key %q with algorithms %+v: %w", k.Path, k.Algorithms, err)
+			logger.Warn(logSender, "", "could not create signer for key %q with algorithms %+v: %v", k.Path, k.Algorithms, err)
+			logger.WarnToConsole("could not create signer for key %q with algorithms %+v: %v", k.Path, k.Algorithms, err)
+			continue
 		}
 		serviceStatus.HostKeys = append(serviceStatus.HostKeys, k)
 		logger.Info(logSender, "", "Host key %q loaded, type %q, fingerprint %q, algorithms %+v", hostKey,
@@ -1060,6 +1062,9 @@ func (c *Configuration) checkAndLoadHostKeys(configDir string, serverConfig *ssh
 			}
 		}
 	}
+	if len(serviceStatus.HostKeys) == 0 {
+		return errors.New("ssh: server has no host keys")
+	}
 	var fp []string
 	for idx := range serviceStatus.HostKeys {
 		h := &serviceStatus.HostKeys[idx]
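Review bot: In the `if err != nil` branch after `ssh.NewSignerWithAlgorithms`, a configured host key is now dropped with only a warning, so the server can start with a different set of host keys than the operator configured, and clients that trusted the skipped key would be presented with another one. The branch deserves a comment stating that intent, for example `// skip keys that cannot sign with the configured algorithms; startup fails below if none remain`. The same format string is repeated in the `logger.Warn` and `logger.WarnToConsole` calls and could be built once. The added `len(serviceStatus.HostKeys) == 0` guard in the second hunk is only reliable if `serviceStatus.HostKeys` is reset earlier in checkAndLoadHostKeys, which is outside the visible lines, so that is worth confirming for the reload case. The function body starts and ends outside both hunks.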