diff -pru dropbear-0.50/cli-kex.c dropbear-0.50_raf/cli-kex.c
--- dropbear-0.50/cli-kex.c	2007-08-08 17:39:36.000000000 +0200
+++ dropbear-0.50_raf/cli-kex.c	2007-10-17 14:56:57.011556128 +0200
@@ -278,6 +278,13 @@ static void checkhostkey(unsigned char* 
 			goto out;
 		}
 
+#ifdef ENABLE_ACCEPT_AND_SAVE_HOSTKEY
+		if (cli_opts.always_accept_key < 0) {
+			/* The keys didn't match. eep. but acceptance is forced anyway */ 
+			TRACE(("Host key mismatch but acceptance is forced anyway by command line parameter"))
+			break;
+		}
+#endif
 		/* The keys didn't match. eep. Note that we're "leaking"
 		   the fingerprint strings here, but we're exiting anyway */
 		dropbear_exit("\n\nHost key mismatch for %s !\n"
@@ -287,19 +294,19 @@ static void checkhostkey(unsigned char* 
 					cli_opts.remotehost,
 					sign_key_fingerprint(keyblob, keybloblen),
 					fingerprint ? fingerprint : "UNKNOWN");
+
 	} while (1); /* keep going 'til something happens */
 
 	/* Key doesn't exist yet */
 	ask_to_confirm(keyblob, keybloblen);
 
 	/* If we get here, they said yes */
-
 	if (readonly) {
 		TRACE(("readonly"))
 		goto out;
 	}
 
-	if (!cli_opts.always_accept_key) {
+	if (cli_opts.always_accept_key <= 0) {
 		/* put the new entry in the file */
 		fseek(hostsfile, 0, SEEK_END); /* In case it wasn't opened append */
 		buf_setpos(line, 0);
diff -pru dropbear-0.50/options.h dropbear-0.50_raf/options.h
--- dropbear-0.50/options.h	2007-08-08 17:39:37.000000000 +0200
+++ dropbear-0.50_raf/options.h	2007-10-17 15:02:09.107121213 +0200
@@ -235,6 +235,12 @@ etc) slower (perhaps by 50%). Recommende
 be overridden at runtime with -K. 0 disables keepalives */
 #define DEFAULT_KEEPALIVE 0
 
+/* Embedded systems should need an unconditionally acceptance of
+   hostkey and store it for future use (with sftp for example) but
+   enabling this command line option could reduce the system security.
+   If you are not sure of what are you doing do not activate this option! */
+/* #define ENABLE_ACCEPT_AND_SAVE_HOSTKEY */
+
 /*******************************************************************
  * You shouldn't edit below here unless you know you need to.
  *******************************************************************/
--- dropbear-0.50_orig/cli-runopts.c	2007-08-08 17:39:36.000000000 +0200
+++ dropbear-0.50/cli-runopts.c	2007-10-18 10:21:31.614425011 +0200
@@ -53,6 +53,9 @@ static void printhelp() {
 					"-N    Don't run a remote command\n"
 					"-f    Run in background after auth\n"
 					"-y    Always accept remote host key if unknown\n"
+#ifdef ENABLE_ACCEPT_AND_SAVE_HOSTKEY
+					"-yy   Always accept remote host key and save it\n"
+#endif
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 					"-i <identityfile>   (multiple allowed)\n"
 #endif
@@ -159,6 +162,10 @@ void cli_getopts(int argc, char ** argv)
 			switch (argv[i][1]) {
 				case 'y': /* always accept the remote hostkey */
 					cli_opts.always_accept_key = 1;
+#ifdef ENABLE_ACCEPT_AND_SAVE_HOSTKEY     /* always accept the remote hostkey and save it down */
+					if(argv[i][2] == 'y') 
+						cli_opts.always_accept_key = -1;
+#endif
 					break;
 				case 'p': /* remoteport */
 					next = &cli_opts.remoteport;