diff --git a/src/etc/changelist b/src/etc/changelist
index 74b2d5b3..2b8aaef2 100644
--- a/src/etc/changelist
+++ b/src/etc/changelist
@@ -1,4 +1,4 @@
-#	$OpenBSD: changelist,v 1.68 2010/06/29 17:17:53 nicm Exp $
+#	$OpenBSD: changelist,v 1.69 2010/09/06 17:10:19 naddy Exp $
 #
 # List of files which the security script backs up and checks
 # for modifications.
@@ -129,6 +129,8 @@
 /etc/ssh/ssh_config
 +/etc/ssh/ssh_host_dsa_key
 /etc/ssh/ssh_host_dsa_key.pub
++/etc/ssh/ssh_host_ecdsa_key
+/etc/ssh/ssh_host_ecdsa_key.pub
 +/etc/ssh/ssh_host_key
 /etc/ssh/ssh_host_key.pub
 +/etc/ssh/ssh_host_rsa_key
diff --git a/src/etc/mtree/special b/src/etc/mtree/special
index 3a140281..49f3d93c 100644
--- a/src/etc/mtree/special
+++ b/src/etc/mtree/special
@@ -1,4 +1,4 @@
-#	$OpenBSD: special,v 1.88 2010/06/07 14:15:27 jsg Exp $
+#	$OpenBSD: special,v 1.89 2010/09/06 17:10:19 naddy Exp $
 #	$NetBSD: special,v 1.4 1996/05/08 21:30:18 pk Exp $
 #	@(#)special	8.2 (Berkeley) 1/23/94
 #
@@ -96,6 +96,8 @@ ssh		type=dir mode=0755 uname=root gname=wheel optional
 ssh_config	type=file mode=0644 uname=root gname=wheel
 ssh_host_dsa_key	type=file mode=0600 uname=root gname=wheel optional
 ssh_host_dsa_key.pub	type=file mode=0644 uname=root gname=wheel optional
+ssh_host_ecdsa_key	type=file mode=0600 uname=root gname=wheel optional
+ssh_host_ecdsa_key.pub	type=file mode=0644 uname=root gname=wheel optional
 ssh_host_key	type=file mode=0600 uname=root gname=wheel optional
 ssh_host_key.pub	type=file mode=0644 uname=root gname=wheel optional
 ssh_host_rsa_key	type=file mode=0600 uname=root gname=wheel optional
diff --git a/src/etc/rc b/src/etc/rc
index f323db4c..3cc9a906 100644
--- a/src/etc/rc
+++ b/src/etc/rc
@@ -1,4 +1,4 @@
-#	$OpenBSD: rc,v 1.340 2010/07/27 08:37:33 martinh Exp $
+#	$OpenBSD: rc,v 1.341 2010/09/06 17:10:19 naddy Exp $
 
 # System startup script run by init on autoboot
 # or after single-user.
@@ -607,6 +607,14 @@ if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
 		echo failed.
 	fi
 fi
+if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then
+	echo -n "ssh-keygen: generating new ECDSA host key... "
+	if /usr/bin/ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''; then
+		echo done.
+	else
+		echo failed.
+	fi
+fi
 if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
 	echo -n "ssh-keygen: generating new RSA host key... "
 	if /usr/bin/ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''; then