Index: servconf.c
===================================================================
--- servconf.c
+++ servconf.c
@@ -250,13 +250,18 @@
 	free(def_sig);
 }
 
+static const char *defaultkey = "[default]";
+
 void
 servconf_add_hostkey(const char *file, const int line,
     ServerOptions *options, const char *path, int userprovided)
 {
 	char *apath = derelativise_path(path);
 
+	if (file == defaultkey && access(path, R_OK) != 0)
+		return;
 	opt_array_append2(file, line, "HostKey",
+
 	    &options->host_key_files, &options->host_key_file_userprovided,
 	    &options->num_host_key_files, apath, userprovided);
 	free(apath);
@@ -285,19 +290,21 @@
 	/* Standard Options */
 	if (options->num_host_key_files == 0) {
 		/* fill default hostkeys for protocols */
-		servconf_add_hostkey("[default]", 0, options,
+		servconf_add_hostkey(defaultkey, 0, options,
 		    _PATH_HOST_RSA_KEY_FILE, 0);
 #ifdef OPENSSL_HAS_ECC
-		servconf_add_hostkey("[default]", 0, options,
+		servconf_add_hostkey(defaultkey, 0, options,
 		    _PATH_HOST_ECDSA_KEY_FILE, 0);
 #endif
-		servconf_add_hostkey("[default]", 0, options,
+		servconf_add_hostkey(defaultkey, 0, options,
 		    _PATH_HOST_ED25519_KEY_FILE, 0);
 #ifdef WITH_XMSS
-		servconf_add_hostkey("[default]", 0, options,
+		servconf_add_hostkey(defaultkey, 0, options,
 		    _PATH_HOST_XMSS_KEY_FILE, 0);
 #endif /* WITH_XMSS */
 	}
+	if (options->num_host_key_files == 0)
+		fatal("No host key files found");
 	/* No certificates by default */
 	if (options->num_ports == 0)
 		options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
@@ -417,11 +424,11 @@
 	if (options->client_alive_count_max == -1)
 		options->client_alive_count_max = 3;
 	if (options->num_authkeys_files == 0) {
-		opt_array_append("[default]", 0, "AuthorizedKeysFiles",
+		opt_array_append(defaultkey, 0, "AuthorizedKeysFiles",
 		    &options->authorized_keys_files,
 		    &options->num_authkeys_files,
 		    _PATH_SSH_USER_PERMITTED_KEYS);
-		opt_array_append("[default]", 0, "AuthorizedKeysFiles",
+		opt_array_append(defaultkey, 0, "AuthorizedKeysFiles",
 		    &options->authorized_keys_files,
 		    &options->num_authkeys_files,
 		    _PATH_SSH_USER_PERMITTED_KEYS2);