From b6c76f26664f40a017b6edfcfe3126febdac08c8 Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Fri, 12 May 2023 19:10:20 +0200
Subject: [PATCH] trigger new keys generation if supplied key file is empty

---
 README.md                          |   2 +-
 headless.apkovl.tar.gz             | Bin 4923 -> 5024 bytes
 overlay/etc/local.d/headless.start |  18 ++++++++++++++----
 3 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index 23476e0..2da52eb 100644
--- a/README.md
+++ b/README.md
@@ -22,7 +22,7 @@ From there, system install can be performed as usual with `setup-alpine` for ins
 Add-on files may be added next to `headless.apkovl.tar.gz` to customise boostrapping configuration (sample files are provided):
 - `wpa_supplicant.conf`[^2] (*mandatory for wifi usecase*): define wifi SSID & password.
 - `interfaces`[^2] (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable.
-- `ssh_host_*_key*` (*optional*): provide custom ssh keys to be injected (may be stored), instead of using bundled ones[^1] (not stored).
+- `ssh_host_*_key*` (*optional*): provide custom ssh keys to be injected (may be stored), instead of using bundled ones[^1] (not stored). Providing an empty key file will trigger new keys generation (ssh server may take longer to start).
 - `unattended.sh`[^2] (*optional*): create custom automated deployment script to further tune & extend actual setup (backgrounded).
 
 
diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index 802c8a823e0bb149568c55d08124d8a270b3dfe3..c2a2dfd0f147b3f8521dc1f78a64db6b43c03c11 100644
GIT binary patch
literal 5024
zcmV;R6JP8fiwFP!000001ME6!v!h0m{%U>&Zujhr&Ai8bt;dc*2oO3D0(8LagoFD&
z#3}Ilzb{gEd)hs=J9f9-yA#nF@m>L$RA%K}sQlK2Kl_~lnSmzB$2h~g<Kr47FbYFa
zoT9ML5EQ|2>@$%3y#>2N*R*yGf}ho8+5Q&Y`|$sw;LrAd_WZ!^vi5stUgP(TU-z-=
zHy@72-M|z<{5R}RP&ED-h<rE^ejPs9A8wlHcg+Eh_^00&|2To;IEo?EY=0ER$WQVA
zG2o5;=fCfxvT47s8~gjzAD^qv`A|IG6aOeeQ}5WHybqt^|0BR`_ovz9AUDGTS0<ZB
zM;8<Bw@dE8E$)xQ!*Zdki)$7l+mOKJ%a)8id>M>lKeRcXUiCsS7c#P4MR8~JCnO;>
z5;~kRGmP}mR8u`L)}7AptTb_Ho?Wa?Fz>C|UF3-JKHRUPR7-D#&c~YDVLaBsJIZaA
z&}l_0>@A_U=k|8$JL=esCk7n|Z>!1OhU3<W?2h_jb=mVgO?!P^OJ`oVY))&nN04Nn
z?6J+BA2!UbGpeY-&cs2R5HW(JEtxDM&A&>R(aMFmM&k%casghiuH?e?8l?|ASir+>
z<DfF8?+?x%-6Zn<Qu~{p+j!T4fc=HG?t5z0@F^VSap`SNS1G8{ZlNp6{>W;p)hT2k
zj6~y;tCUG?kKHM2p;ca?&2sGuV=Rol*Wwdv3&x~5wsFE2hQ#}Yv>T@586W-3aj;3>
z>?YdseXsY7(vh=s6P^MQ3e*<aQ|MxixS~NH7JG*!Z<^2x%-UV&bX59>4b+g=n+RpR
zbMr%a6Z7PfSudSjPtNHT4sf^6&kSNFmRjFZ1i4w|keQqG6m_^Gw9LxcZpWlC@a9|a
z?*D(avnnq9r^vUx%x@at|Jr*$!T%QiDgXN(Mv^FduK^#5$0Ps$bKd`{{!=*qPW~q-
z4EdD*KL$MAVIfGe0`65o(e)LmYVwIQ1aKpm4=mu|i_9q=wV}2yY3n7A`oJwDvUl?1
z{ZeppwzCf08@SgEZa3Wjx08#7t#t+tqhcIy`#TZ8IFQSzmnMe8P4%?GP)6fTuWu&G
zthsu5b2M)U9m)`L{rep2c&As2p9oh2xP))d`ahi%xC_naUAAy{ff(MBV=c#>TI>@c
z9Tay}v5>NF!*Gh*p700}U8Z}9anxbyh3qkKE;nHvVGuB>Row86Dz+jrk$k))Z^T_b
zakcIpT;t61ZLrT|wmnCgdDa^1qD<W3+i!t~Y6WHa>uUcf_W!N;|4=>P`}TixxWC)~
z5h(E~{yzrX`@h#FfAoO-s~#}3mNKds0(pNXi@)srzvTO$`h<Ti__h7thve~|`cEPx
z_HO+r5c*U6e+>8?>;EEq)PL_$soerlq6cc2U%nHX0yi9!!LCe&C-%xHj*wY+1I|Pa
zv$a}slU6s0(-r<km~~2{o(u_okOHE0mgQq9ElHt3Mkfsu$&&H?&>u837>aqXDW7lp
zvRuZdC0IKP3Cr}dZNs+ir+u;I;7o(20B}ucL~Hlt&|S9OWr5=ES306^<B;RcakWd+
z1v-Uc2jLDy-Lfze$4ob9R*|Q2YU3nq_<rXADP>x0)(L{kF3cc`A#)&(muu9fw7$OS
zo>_V_8L6X2b%)E!SvthFzbV8v&RJbalT?~oy&QpMM&WTi@P%DLDjptnhlV1Wt5m`&
zuPZ&Xqk^)w;W06cOg(Bh)Kt~B^UUnBv}Fow>dbP22q3SX!;P24u8ejy?syD*jsyld
zV=3wl$6Hubw`8|N#g-|mGsZSZoa`X%QWOq;q@;0us%7zV1A=0ry=B)PbZ@mdLI`K%
zu<stV?M>w`ywwr*D&_lnZ#P;{9dhPU@_ZR~2be!#WLl!trpH+v*pgYVNHS(njHM{M
zv%OoN`ARgM7Q1bO1vZXMNee7}Z<k_4Jr2;yKzC~N^KTKr-PxoCw-aSXx}KMZZkf2z
zymMXSt^&(vn8zGnuQsk03dy1Ir46}fFS;773UYBi#k{y#gpdZT*<DV`@-5euso5fe
zcVX7Z>_K943@MJtB~3CUPu{G>kv6wB%}muesN^wda9mR7EP;z>hz2TsT3@EiGD2D*
zCQ6RWchR(7bDm4c+rGu1uCYv6bE{(t!G^x0cC=X%TdtlYa-U0q<wT2>3LMTW!tC?i
zUKFX)vGz#p9*gs4rSDCHN&Pw%Z`goAJk1zBPgMOev1D@5(8ud8B>k4SGF*jSfgoWC
zQOF^<^oNZBN%kf}s&i>UxlV}koLdc4aJ}<#qMhQrJ`GsBZ|e<tKI4RM7w2J@4aP<W
zj17z7fr^%zs)%i+TwHNyt|`}?mWt*CYwFbYjv|+n+GZq)vFJW(;*&itPRxa5ApAhr
zN1*_;;iR^lK=ybc3OZv9*^oP(6p>s_O?fR`sN=d9DK5Oq+f*G=rL#7Qt=BB<jgaL`
zTCAi{4@ib#h<U=F!mD<cXs^-n!E2g+v%jhSBd6@<{PJ)M?(E@bA`MnVhaFRlS>}Q5
z-YzWNLcn-k+Y)PUAm19Lk;f<A5{~^zxl9o%>C4SRR7R;kn-tfjYN9nB5hwW+lDw2i
zNEzMI^2#U;K<9XyONDz|PCiQeVj$d*<j{4B>B;CArVG5|C>3iiBy5p>k%@{;Wschv
z<i5Jn6tWQ}JBolkqq5^TrMnGs=@EHA#Qip}^$jPYC|atmEDLSF*pb^|?;0!hx@CwF
zW3KVUBnv|Jpwv8g(F8DfAs6{+TQV2)>KJ}vO=^DOspC<N`5YOELvpaTiGdB<+v;+W
z3q(@YT^t8z5xE5^8zcS^*8y1Q2!~q@^-kRl13KWs5?NR$L!{JAi(kEXtGDv0+NmMz
zsnnsvw`3Rfp?+E7f>*%N!P$hC4%~|Le1P_bf=vjP5oO#-+b+~ZYhX0ll#<$FNf%v>
zY|>4OYPD13Ij3DFOXBzl3NB*Y>kV}UBqgFOVOR=_X1mOf+slYHmIEIK8xAHbnJgJy
z)FFNBkwfU4fkiLZ7YypNWVx&$JPdT}?i4_e`uX`(1*nP9!a|S{TaOW$Sl(oJoQjQs
zrQV8E3EK(Wo2CZ*b>y8B=D<<WQxqji=;RWL0xW6i0$~MJ!u7;>TlSbhD;#riy~KK9
zXGl7$FHh2{CsFfo?GcHfuJ)>ARHm`6#R4DA^FB^JV12Y4=zMc@5~DGtl4RSb+_JOE
zrLoWAuH8oY+K4-3u{}j0Pvp6VgodA%MySbUZn12#Vp<>IRHV;6$*f2McIXv*Eji+}
zfFq-~Lyn;q-kQ5@t8njTyR<7G1@^FH`;~DxZz8s?mBCo$1R&|fAqWM$Zcff3=l7?h
zqM$qY;6tq`*U$|*L)AQwypv^h!P3}8@KIt*ZUrrD59bKtF6)FO0NSxH0m<EDIWH&r
zI`}@m*A-Ifrez%DrxiMwcw;rDL^CLbB4c!v_Y-|wz-zYZ9T_<=V`A1oA!alSjS2^w
zQ7Iouu5Y}<eoJZeit#U`2d_y(F;}*+cbs6@8W_i<mUFnScf!4)@TizmZWRD4oXKsm
zU0ri&){i3uS^Xr5iZ-ki_x=TYt{OYu-fLZIYeg25RSi2CA(B$aqS92JnM(rWK&YXU
zII;qpq(Xi*{R{0J8WO)Qd`N+*yz1F%;)RIx9q$xWm1)f$>QAZFXuB|C!`o_I73vOH
zdGJ)lgFRJ7u{ta_rFktIa%dRND5ili$i`h#xdt@}svQa;PdN_5hMG9@`B~=9*X6}x
z5*eu0_*&+|i%cIWriRzr+|lSPZJe&nhGMbSUIp}`(oDM-Lbhpk-d1Il%a~=%igdJU
zZj31Lhy#aFSRV>1z}N7-+gfO&gR#g#5*t^_I!i}O>nx^@bei1Z|Ig=$Pw<i9zW>Wg
z*Up~3-|aWx$M3)IJ^w*qG(n^HgC7WrQsk%eA0GwYw*Q;YHP3gIe89#2w*65Ar|5s!
zA0_Vle-i(6{^O&-mtVk6T)<5P0AGT9S&elZMlFaT7zRGw2mH@qZo7FE&v;#3UY@qG
z>lcmxBzu0*#zE}Y{|@eC0{~8frptTf+ZV_)_2NFA=6iANyDiwXUfH#vU3j2h*Ja&+
zZ3((%(Uh4F+6`E{&kr92z0z;MqHMve3}^DOjp8B%{G0EB=y$N^_wbvyu<!m21%R0>
z^lR{`X~CC2AYXp@HT)y^f_r>?1h;X~-M}|K4c^Z-HEnHIVE^*9q@XjtUfV2gp3cI8
zaGO`~^Gr4?r0lcGZliBs{s|1?S#&s`*JFcExqb8es*S)|L+x1kpa(wP3Bf;p4L^VV
z$N8r2X8up*YjglU6?X1}Uq9PbI#2pMJKS?PflrTh&0HVYAASV?;~Vfl9|D6<DEQS~
zgDXF)z<SnOncvqClr=b1_V-O!RaxxX#VegQO$6RgZTU4&yHBsrZ_Q79uP#FH5zO;s
zv-$kCt3btXhq6w=xM=-)-YxkJ5C`Djz^4Fw@$!e)i~bS*IiKfQ@4*Z3@85uJ<QKr_
zzo_{0><u&9JCmU7X2HIA0en8M8MHm`9l3$e<6;&p%Vu>_2=ac;@I6ue9P>+rfS)z~
z`^CGv*iRw`F>u$w7vNhW5ya0#`iHJwOH#a2;#-I}n)&k10(^a<?ky#QGmAUhrt;l;
z)OdIA`w2aJ*zDA0@o>}GWMyrKzqSsge0$o*i?6icdw&L<F3!9;XnsM0=jZ3y9(Ny_
z18IH^zWh_xfN(Q5u$$RUb6?a~z~^2GeEzv>H~!3WCj7%6{)RlUfB*W&`HdMdi}clf
zxRbQtU;gqW>_zaq?|w}yuSo4~j`x@IWUp@H$BJLRlES|Sds#WQn*y)U^Ng=9zWL_A
z+PSjcwv8a%SMgVD?ZP=)DI%#OA>fCkNs*!rAf(7!3xgt85*vzSct{b@AD?e_c^|Ue
zDnfy90mIUsvoo{be6yrYzj?el`-=9)3ffoOyQY^eCyvC4e#ib|H#h7O0w&S&?COBq
z$Brf27z)m7NO+@;M-y!{9%;|CNzuACW4<>Jd8=9yv?-Ys4Ac4UP99Owg)mQI7J|(4
z(QH1_G>v|`o5%FisuUiX7CElR#bM^w#%EU_B02^u-*x>xeexQ(XIv>HX_w~Gd1}wH
zuCguB(-IO>$v&{*FSQnB9rAz;Kd~!vt4`=3*Lk?Jm7u;B6C~o7+S4VSA{rFoAm-Zu
zXcHb7Wqqm69~0Z5AnbTQ0kv2Fc)$$y6B@VYECD)1h)IAO4_dJqK*bMY$M;P4z=F`<
zIW}rP@`DKV=FWF)w&orWP3pv;bpdoDdYL=UVh8HVLWLiIU?2cnfz(L)e9FF~%{%MX
z%8?J^l8>M|5L#+)RLGu6%jv02sSI8wgy}dMLh5%wBHt!{0zVrpc(`@qH`^dSEK==6
z>_7)jw!FvwekTRW%2%d`-Iw{rv!$p~<hi+K@~gmerFwvxV<6hYNsdx1m0GQ^y|9!S
za<=t%Xn@r3U%nG7!_E}h4s7pxk6<<~q7%0<&E6q?#sciu^q?n}+Q$Vzz=u4(M?`~r
z?;QkH(j<*ey@11)w!4bn<@3j<^z`v*Wz!?9<#>M+lgylqS>WydR?7Vtc7a1~1#`^>
ze9{Q&Ri1IxTr(5qD9e$!lBtlmmk?qVLL4YfM%h!mYw#9p{|3#L_uBRz#(iDWN481|
zi!E!H+#kJ!6t)wYOPA9?nB-PCsTeOA)HOxrkAiV>@^RW^W^ic>I`y!wkz16J!G$iM
zc)_l~@>VH#&NNV>&uWbyKdRXSOj<7e56f_Llv!pFZaaNP8FcYKxIsl&LOc>!+DvZz
zn9=i%R|np&@gpjiHbdB=$W^BAgk1%9UyugK8c-+PKfrc}mdi~q38<MqBCSHolsP=4
z48W;CBO?j3JdUx4s2f`<a}J8cuw5fRQ%6iVOaiHe+G(x;bH@qDhSbryMTHa_Z0_c<
zA+M<C6>yAU*cwWe+-cfqQr4CS@4RN~+X>Kh==!D&dDeG`13XN*OsNyX-jX*vSkRD7
z9!JuqX|Ckv#pw1M7)6|)MrM|HW*l=50d^E^N;z36rJ7Ht$A$>2SL!gjS;?9yH@oRN
zAuYorD|7<T2s81ljf^Uglo8cmha&qTKw*ntU$Z}dpj?rTK>O^k0X6J<>LWs!wSm6b
zkDt5!SLD{6t^H+oR%*WcRn|D|?|&xRT%S*7WAsxseLm~&e=kvvVAt8!5buA@y5IlQ
zRlQ_?UA+H2o%Z*?mni@B()XG&HcBOYaS7#zG5hextKl2+BDz{woAw&N;9@+_`iRCX
z9J+;aM4l~4eZ*4dqlP=Wg1F_TF`F3L%HYop^@Z_b!UW9|ZL66vn;RB4mbzh$4Q}?B
z{%=YP!8!XH55j*9^{TE;)gJ#ZQSKqQXIbN3{MY7%{Z;w?|D=Ea|03mofd81njeHjJ
zPl*#ETeV|<$3xdV+}e9fV@^~oksv#^R_jsxIi@SeG{eL<MWMb*>bgC@Ke>p@`NVVi
zj=RxUdIRLN_dm-2|3TAx{J%`8+CRORII|x--2OVzh2H)bDDCza_fcnCL-N1*>Gs#g
q<B9$q)5P7F<2f-{$$3R8$~SKRzVxLped)`$S-t?2W+6}jPyhflffT9$

literal 4923
zcmV-B6U6KviwFP!000001ME6!v!hma{@VNs-0sPY&Ai9HC?30l5St_r0<^$ns*4@O
zDprBx{~o07cI+N|x{|aznW{cj?_I<>+;i^P?}ecC;4gk>KxUvx@-fcv{`j~?35>!}
z6sIWc3j{@Q9Qy(!e{aF=&^4`7gWwl+S+@U(?nC&0QV3@IKl?%GbXoh_o!9uf3F<!a
zg68A#xEq)vi2sKD35v$Q0FjR;!f(T8`@>BW|E@XU5&!gu;vXk)97i#Pn(dFG82LH=
zKLxzA|NQqlE}Qms-8iq)V0^AR_ha$+K>VW!O}%G-@;-cy|4#t3-JfQYgX|1TT%8;a
z9X*V{|6H+qc6q-Y?N>`fTVAsW*+v8|pSNV<<EwBK`k~G7^lB8mwUm*q6epe8ACU{8
zlhFQ{Sy606mX;c!x$X>3vD1r3bBm>PggJk`P-0h*chPPgr+RuT3@*{V4&$&6Rw%Do
zK}U&J7q<(&J+-%E-%*EVJTmA&_*-4>HY~fo$lhq|rSp#CXxi`VT0C+5d2?KAJ%U_z
zmmRj*al?kWb!HV8*ooNd6C%WrxFs*ESP!luX0~!6tkEP!E;$dcr7OAg{6_7g4(9Qw
z+qkHV8N0o^LpK+Bcdmm?&u;u{LBPRMU-vyFHCzhEc~bhD<5di+v|Adgx;rd%NjgRh
zgpp`+^wjcFJ7aguT1d((v{|h^eoXkW_gj2gIJ`OOu45kYr73bjAu7XkIN@WExh^&t
z8)c&HAn<$NEL}M}HPJB?pipa(9fdB}h$oozez|iO<W1*$o>_bAoQ}(2zkwR^dJ~|G
zb8kT;ZxW7NG3%9^8<$ghg+tuy^Am$u7h9`uDT3VWa>%SrdW<{V<y%H_x7+d3n0WIY
zc=!K*bFwNaf~Poe{48i1;Q!itKg0hP{x1IqK1P!0;$8zj7LP~%|NFfEQ~jrK{Js27
zP#E$#|9=X2y2FweWfk0MylNN{sOj>NHF<EuTMsPY;>*k}9<`yi&uQyl9`%7;ie&HR
zhx;Y(=8MkWv+v+uH&|u3|8FM`i(2~x>_^o++;(>&Zn-B{aW75`i(A@J!ca!%EWd9i
z%BtCVb#rxJf%attdBJ^-b)p!R8eI6R37n&!&-y=|6u1k`<z2S)lu(FnmqRTlomT8F
zd^)I}R4pKN*GAElv_0Vy0=i0fBI9bq%8wR@&^_Pyb&Ns4q*Y17HJZ>0$V76<io6kb
z`2=a*ySUC;r`zD1$ZUIxGwY-`_F0|S{deC157qMO>bKSYN$mfR;{RjyfFIib&Efuj
z|3{$2=lK5=aPR-#n*7lNa&LOT%wEZ;YVzd$o-F*j^Z%Off9@0hx!||<e;<>_2kJkG
zkl6e6pFrr(@&75{cdY-*>{0*yN2T@(K#d=$VSe~dXz}cDxC~BZsT{FWM`47l!XI!Z
zcA2f+lAE-;iL9Y=H^Qn@8uev}55g1>?2{}XN^wQ<1v0v6bP;VC-wpj<N5i3*_nPwQ
zW~|CpV%fZ{*ho~S=WQFcbwBNjEemHlG=+d?K_gmwN0;uht&)YRx04LS*d`InS)-(+
z=@OlysDp5qqHb9f3u9)O^g@-Va%z)H)NsAx0x4zLi>%{$Z?Uw(IDxEzIGnF>o6^Sm
zX82a=%VeyLI@RsZlDl$=ZGTgVZIUkxHNB+b)EeaotTGBu>VYeq3excCV7N3C(`=;?
zc6pVI%!v!i-bROuX=d6%zoC|<wViKe=anN<SW{=V8^!>6^<8#6FO@P@YTWf1_!RRD
za>7#79}c&usBRZUL4}qnsuQ+okmRC3*tsZN{6LB0`dG`t`38i=MEk3*-5b8NJU|F*
z=5XL0^zBXK&Yay5j+AnJy>l8ptoAu`E;+7@x;@P8F)}UDYSZHj9N3asuZl8eQjD#t
z%E?jIC$17Kx5aMTaEXm0Q_}o`zPC$>svQPMGEqf~e|Z)G+?`EavWg%x;`OxJcdLsR
z&pX#O?y0bRf;r3$jB4ZQ5r5e?fw&=ei?gA{Qb8_H$Al9$%Lvke^+L%>S-$0lIyGB_
z_s`54nLS8o4iUu?xu}b#=*ye6Fw)l6p_!=~2aP<04UUW2oF#DK1kpfcOzZP>Ud2eu
zCq&7zxe`z7HS2qXyzN^I>KfaUb+0<45NsL>rO;MMY}tAe$z3jnwi_=c4cMO~!s>Hn
zCkRyO+B+oi4#jCB89U2l(x6U-8#Z7NM>A%?5mkS<*fP0n=)+Zs$e<;z3|nDWAiOLH
zfzKhh42F#fiOwcQs#9r0xj_i>oLfzl_x#gpqTS-OJ`Py2YwHbpI^jg%6sJMS26H0=
z=4OH6p@x>arV4GPo;^Xa)|6*WD^+*HHFa!zSCz|2YcrC>7U(W+lA|*&kIb25Abd~P
z2fhIG;i$DNPxg2r@CIWJ*^s-P7?W&GO?l0qsl&P#C^ovv+f*A;wX-*>W7G@SA0gYF
z^h8ae9uQ5_6!HsqjIR1gr2WRg2fu0h&F-cJkDQ{+`Q_mj?8(PZL>fv&haFOkS>>VQ
z-OdZTg@Ez8cEp9VfdYFJM-HDjn?LkN^*qI>Xsk9%K^?{ZWKnFFY8SoniR6+`5y^=c
z5h>$aT3#8o0q7iWbFuJlt0_R~KnVF8a@lvCYWXrcM(GmoSW3g1GYQ*dP-KGYP?_sB
z1-YxPG=*&V$%$iN$7qXjoKj_joO?tb5Mj5?Yh%L-D2kR^E6aS_FBNh->^xJ_u3Lr}
zG3J^~%w<W)K9pK}Kb`;vFXSRWZcFBjUR^V|*prr@IqGoG5-vwZVt?7&+lz?}+naPg
z%LO88nvx{pNkDF4x=4`VfExhJcZADIL#=4aFrWj@uaKpEGzCiAwD{Fewni%-D@BW7
zU!(RNz9qZ3kBsvQ=lueX_wFXL4d7O!r#-YYRcu1Aj3|>%+;)*J*aM@>mUyY{1?i#E
zxVUuFvXT^4o^#rHvPG7Qq3|puz0putKvZMO=7$x(Y__ZXusx4xW4rKvaNuyVFOw~!
z%Q~VDJ+hAiE41m=`iwz+c3G_|2#-R;zB>ibqd|T;Rv~I(G{59!#4!>?CRR7u8>eDp
zVyQ2Y8sWI1chj|yyN;ZD#9TNodWxb15uH3jRe=>Po*}HDO1PdFf4ewbAPL7j+$gc0
zS4`1Z7^|Zw^(1QTuRS6X)YXwnMq?WLS}gI=I_;9w2i6DMg-$ouATb(KD^Yd=$}2m&
zT$#Hp>Dq0aug#=GmfK?-aYUZ$NMr_SX-2wS=JsN7k(f3BSPkiOU$iQcfL&TzTuYWX
zF5%ehorq<qrN3rx+bY_5nUZ$pqrmQ0i(WGKr%k-5YjrTCoB%|l*oP61*Uiyg=G^Xh
zP*qfc_W{&eat+;}6I9Lf$cij$%LR>{`2Z!h<d)Z?c7KW?_PoB31VFpaIV9PeEa&A!
zUxy&TcZN!;-Ly)={3xM=g*SF%i8O;!C^E(ec{kCACA?l#y(=SoX1rK6PzV{lfJT*t
zt+<pAB-=Osez&D`T4I7T>BDQ%R4vIdcdi=_TN7iM)OPpRwZh*U3ZF_?^;Q9}%3ACe
zQ|g*cvwj>Q$nGamQ1wAlz55CFTs0KV+38*C=tY*0RSmltA&_FUK*gy%G3N`61CfqS
z!noiUmz2-1R&b`>eM92cWdNx#l~?_unm9ft1J^%>Rb|<;hXzw>H@XtVi|8h;t3p!%
z$%m&Z8Jwvy3u(XFl-9Lu$f03avzP|PBpYu<<vP?{P<>zUdCIaFHq^w4%TF?Ux~|SP
zbCH2+jjv@kI?MEdVrqD;&mE1ipv~j8*-#6tb)=A9R=VZ%e6(m9#oua-dLFZkkw{ms
z=EjH;4mhwM`Sre_LVOM1yRD@@y4V8Qi$ddxS!Ww)X`h7D6_1lQ{Qo(Q_za&I?)$&2
z^qlP3|J~jJKi>a-@cRz}qX~?}vB&#giX=Y2|NRv3bNjzLu6e$z<RdQj1NNs$ntadx
z1W9~8|NA8H)t9iF6mSy*z*itwR%4w+aSLJyhJjD_0sk|YJ6>KTGv3fv=cjGr1w|7)
z$$n6@Ntgunzk-Tv0>F{i4SA=2_Y!%gUf!qE13#$)uLYadFS{0W3LgyWx~v<pEkUm=
znlcMOrvYp4`Qd}0Uj_|Wlr5N*(M&$JaZ*G;a0@&T{T}v%9)9-}_Wi%005Fq9K@C1N
zE%@pO<g2f~fqw*FvX8?@aGMm}4SeU*;QiaCrmdX{>|ec=6m-Y8Yn#Q*(^*&$Zu1I$
zp2=o~lzmn?ZT#J<KY?K~iw@`WdK~a6cW!=AwJ|trs2!^S^ueb)A^68{;OB4tIRB`-
zng3Jy79E05g_8&1H_uL$&XYdR4)+{Q;L~GWGuH?9habUz{}%j@hrr+y3VwappcG^k
zSkHPZ^ZOdYvId9BdEInXl_j22ywPdX#Nhp_t)K>K@9FLLTl1a3uZswL1oJ%EY`&oF
zDo_pDp{!FdDcYc(cS}J7Bq8`$@F@gezWU+qqJM;c$>(|2d-xLk+qYmF2L<rrR~3Jn
zy<uj1XA+j(EZCPXffw_dLC5#slN)%E6tiGiHmj3DkPmZ)?}_S{m|r6Vf~*NXEZ*J4
zeiAWEfV&311b-$HLHt6b|I*c4Ns2d0{2Ah%X1=<!0N;L5_cJAfGmAUhrV6}!)cAMr
z`w2aJ*zDA0@o>}GWM%C{zqJmv{Q0zx2j6HR@c#_DU6T28(EN%7&(F`ZJ?=g<2hw~W
zeD$ZS0pVtBU@vo;=Dw(}ffs%Wym;X`O)#^Z3IFhizameIzkT!L{KSlyMf&<a+(}yS
zFMoOBcLMnR_rIl;H>6HC$NQ^!vNu1I$BJLQks`PUds(@TmjZ9l^NepUzWw$-2JL^g
zZ*4tl8&SBg_*YCxwN29EfXzZ;X&-W{Qnis#s=T#Y4fbHBH6F(o2>(9cnK9Ua*^5fh
zM)8r*vU5Fi=A7?*GdA;+&lt@8q<OYg#N%>09TIo+JN6H|xM1f{u*jw-HwWB4m%gcE
z5X5Urcr)nRL&xsh&NF9N)rLG5E56>=4r+=XYGxF}a4K4w5Y<fx^9*Jo$vn45W7}~Y
z`W&zB)2GoWBI7<eZY*>#3xBRy_hUw3FjG;aR`e}Cz&)>Pk*3EiSB|syEUUX&5<M*;
zHLcAT*86R*#tKuBu-+%uCAT^X9ppOqceWbT@8tx8__g|SN?B!tDjnovkpOMdHKS8s
zY4gX#b|?wU_*bA7O8^fTA$UUlR)Q5khYUFha1+BS0RyP0B$q1Y(V8WxTFL;W|B1Cu
z^?a#hz(Ns=lv5)Ht81Xs*^4g)%O%XUNfjyq!9W7`6JwF``BZRCi<e<zp{+n%wmql}
zgqG?L3QS9@A$s<Pv^p;f!gPd&*7`k=NCm`C;AfqQNEb4HyGZi&q_j@P))a82<^$IE
zCmGNbzTz=fU*{Lkrn<;7anqnqO=qj4^$KLhr;(uNb1>$W9$5E&#LQqi8(6#HcQ_*!
zc7KXwRa2FFUU`n*XPyeSP)k%`%^zOA*E7RQC@-$rO2t28(}m7$BET>!N$id#uojPD
zWmfKP1bBf5#$tthh~QXBq-5F$>RtMffF~}NJG*9{UOpw;Jl$Eejk#p}FY(Zgi!vXq
zUoDK@kFl$8=Y{6ITLqsSP=Z~S(mkAWqs)yQ$)M84gv8vm60;QQz-T5%-^DjO?=bft
zuxx#;O>c4B*0g-!YZ*`_{H&8milB-?P6*G4L4Xj$j0yVp{7CS)NT`~=g4~0+Zw!Yu
zCdlj{Gnol?k>@Z#cHBpI#_UwblV)?iriK`>S0u)CdtR{v4@WGy>9UUz4N*u46^Lky
zP}_oicAG9(FKq;LU3WBDZ|b%wWLvUOL4hdkMT!T|C%gt4iL}h9wMGEnsW@!l!$JW9
zM{8RiwhTk8dN<z#An=>c2Sv>DT*QERJDb-|1~p=jGyhFp^seueq4!}SJ3RQY3#-%Y
z4-MTjKa~lR882dgZqNyuG9sK|s?Pv~L~Qc=8}|24bYh_pXde9y0EzubZ4745VQ==!
z=i~mXPk2XbAHtRDp4WVpIrJsZt-t>mI%9V{9QDy|;JD*ad;fP1xdAm!Hiv%yXLS7i
zKX>5P_TSa-|6X3U_kZV*|9k28h!{JOL8UJtRGPDof4%CxB`>0*WypgNf8b(b%le5x
zOeEbxNPW&Sv@Bz#^HIe$9YL=I_eMj{nR(*5H+bQ_7&6URblq&^jmDlYys7K?eNXU*
zfTrJ`G*F9^&v7sOcThfX2bY5u|IZ<}P|K6daV!2i<7)p0=Kb&X`OkUe0pLG|h%&`e
z@u`q0&WS;;mLiS#`YKrY4wG3mMS*jvKMU>rb52)I<=GDZSr)amO4of5%=+69eK}ji
zkywf-`$}&B-0k^){rCTl+v5LuWOx6|D}fXH!TtB&CA!e={~4rt|MgAK$>uQpZ+!Rt
tcl!OI`vY_It(1&q4pwqnl`8qp_rH}^T4|+~R$BS~<O>TcL^=Ra000nD&d~q>

diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index e7c783e..9ca648b 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -94,10 +94,6 @@ cat <<-EOF >> /etc/ssh/sshd_config
 	Banner /tmp/.trash/banner
 	EOF
 
-cat <<-EOF >> /etc/conf.d/sshd
-	sshd_disable_keygen=yes
-	EOF
-
 # banner file
 cat <<-EOF > /tmp/.trash/banner
 
@@ -115,6 +111,20 @@ if ! install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
 		HostKey /tmp/.trash/ssh_host_ed25519_key
 		HostKey /tmp/.trash/ssh_host_rsa_key
 		EOF
+	cat <<-EOF >> /etc/conf.d/sshd
+		sshd_disable_keygen=yes
+		EOF
+else
+	# look for empty key within injected ones: generate new keys if found
+	if find /etc/ssh/ -maxdepth 1 -type f -name 'ssh_host_*_key*' -empty | grep -q .; then
+		rm /etc/ssh/ssh_host_*_key*
+		logger -st ${0##*/} "Will generate new SSH keys..."
+	else
+		logger -st ${0##*/} "Using injected SSH keys..."
+		cat <<-EOF >> /etc/conf.d/sshd
+			sshd_disable_keygen=yes
+			EOF
+	fi
 fi
 
 rc-service sshd start