It also uses DSA SSH rather than RSA, which is what I think causes me to have to delete its entry from my known_hosts file EVERY time I want to SSH into it after it’s been restarted… (the IP is the same, also means I can’t set up SSH keys either, if I wanted to SSH without entering my password each time, because the key file gets deleted each night…)
The reason you must accept new server keys every time you reboot is that the server generates a new pair of keys in /etc/ssh, and after every reboot, when you first ssh in, your ssh client comes across a new server key. It has nothing to do with the server using DSA keys.
And though very tricky, there is a way to log in using keys without entering a password, but it will require building your own custom firmware using the firmware source code, which may void your warranty. I would only advise one to try this if they are very comfy with Linux and understand shell scripting.
To log in using keys, you will be using your public key stored in the authorized_keys file, and I am sure you are familiar with that process. That .ssh directory containing the authorized_keys file, and really the whole root user’s home directory, needs to be backed up with permissions intact in a persistent location, like under /usr/local/config/. Then in the firmware code in the system_init script, right after ssh_daemon has started, you will need to copy that backed-up root user’s directory from /usr/local/config back to /home/root.
There is also a way to add non-root users to the ssh login using this technique, but with a couple of additional steps, and they can use passwordless logins using only key pairs. But it is tricky and you’ll need to figure out those couple of additional steps if you want to implement this in your custom firmware.