Back out previous backout. It seems I was right to begin with, and DSA is

preferrable to RSA (not least because the SECSH draft standard requires
DSA while RSA is only recommended).

crypto/openssh/servconf.c

@@ -123,8 +123,6 @@ fill_default_server_options(ServerOptions *options)
 			options->host_key_files[options->num_host_key_files++] =
 			    _PATH_HOST_KEY_FILE;
 		if (options->protocol & SSH_PROTO_2) {
-			options->host_key_files[options->num_host_key_files++] =
-			    _PATH_HOST_RSA_KEY_FILE;
 			options->host_key_files[options->num_host_key_files++] =
 			    _PATH_HOST_DSA_KEY_FILE;
 		}