From fa083565409bba7215dfb7249a77559c33ec20ee Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Fri, 12 May 2023 08:41:41 +0200
Subject: [PATCH] re-order ssh config code

and add log info about temp key use
---
 headless.apkovl.tar.gz             | Bin 4822 -> 4827 bytes
 overlay/etc/local.d/headless.start |  34 +++++++++++++++--------------
 2 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index 4c076e0d2a109934956cc81139c0e478825fc463..72fd7185160840783e156183eb46692ca6426bdf 100644
GIT binary patch
delta 4685
zcmV-T60+^qCEF#C9XzXaQiBj6v>*g%fu2-~eP6^X$mF{ZlI^tPB<)!o&vcbf)q8->
z;hx_;>%D;Ay6`7|Fd;M1B>6bb^!AZiGJk_J&+&)Gulv~boA;;V?qG@_{u}-$C>s9+
zMBX2S-=~lMhnpt)Lu<ez|LJ$-KThB{j$#Nk`yWLy@?-vg2zu@R`R|9QY}y~{#{MDo
z$LFeZ-j|Md<Ufkg)LZ^1?}v~1{{d+B`_t@lkeg|NE0fKmql*dm%O!W<7WbdS!+&z2
ztBY$EBHNI_<;#|gJ$xCAVn4Jwo?i7rFc&hiT}5$c^d}@CG!i<TGBb?y&{R`BFxH*U
z@2oU&X`WrIPB8DS*<Iv_@;=<Jqf|?8h0e#C+hIJ`!8^)rme6TME9@<yx99eD>O1P#
zj3)*i2yd&&-G<}ViR_O0VRhN_Jbz7leO*guUbt*dYqdv^WS{J@&7L1N%&jx3sKCy|
zL7NaUf}|~(EF;aoN|@2gg}6rJ2uX4QUazj?!u1-Z4?9@E!*1iCGN$hj&K}()^8Ql$
zo1WWv*Mflkg|_Z{YSr*59OZH8ZBADysM2nsE6V=JYOB>LWFU-0<CCkDNq=pR-6?CK
zRbHXZa_tIZER4O^;uC8N#-us6al#jd#QTM`8>ZtKAN|a6uu0$SCff3SulJ17k+X9X
zo&pgH)E3!O=wgkyqCp=Pdxs@&n$Qc(+Fj>#RQiVv)R5Pk2xYu;^Fw(P^W>6QFP&UZ
z&gm5naJSFT3}PmhTHjIxxqn&ZkeQqG6m_^Gw9LxcZpWlC@a9|a9{>MlXH{JIPmynX
zncp<P|8?|!r2j4bs{Z>PMv^Fd?*Z>i$D{uLy6*qn|0x`QtNs%dhJ395AA+9lv=Ag&
z0r#q)==us&HTlFD0=N;(2N!VgMdlQb-cVbYwDpolf8Z7p**p31et#-BIonwW?ls-}
z2DcmT|J%vM!qz$ihfy((xBXp+UmVC~)Jqe?;ih_8VJM^Vrq?$UW!7B1yg8b;gAQc~
zx&D2Ob-dFn#ZQE*0bIg2NBy4;3fw{Sd6zBRT_A?H<XFpbrxyD}NC(ATRV<|J+c2Es
zwkJG7M3?DaVjOi?dVe8%44lhNSVtHHOllQ3e4~o3h)g6OFUcEm$0x4Vy@P9<dA<$y
znasB5C^OGmV_lSqJAC^s@Gz~QEPvnZAH@IvEdSrv8t`5Fzd7CCUjGp&@iG5D1l`wv
zuU!6E1M)A|fSI+FQN<9*`){)N+rj@^vHx+M@UKO`xBq*eI)C2L|4D?z-tPYdLVwKv
z4?%xm|6gQ}{_j0HwOas6^k5D1&38dl;D%!|*p;d9#9kT25i$#Jz?sNlwpL4S(&{F0
zy29TGvrcK$lOe$mQb4rMvV1J1B`Flh=%isHSu(yK`h$iBLox3)<?~Hnmdn_*1Z!s@
zVVPdGZP?cRw0|$Q9Gq#;6acOXjcDzj9J<T4yDU)L{YpplZ5(pEIj(kTx<IEe>>%8s
zs9P3B;+W|M%_{O#PHmio4d3q^Af-%;%{oDF*@YQIF=P(J@p6sYl-Acb-7`y1CL?v!
zsP1rCIZKDw_BVyt#yP7iX_87)tCu6N%qTpr2fnZ?NPoq{qwdg9M01r&Smkx4XLeLj
z);2sQhLNd9?S`7F+IF6qU6!^?VNIP`P7nd))pNM<ve=c;uErgYfzOe^AZIK^z2SHZ
zi|Ur_cBt4gMRms528oj$gk6fl!H<+Qu1~crUT#28OtiP`+Jo+`7Dou-j2!meqqe=N
z{DrqV!hc?+d|&VFMhmJ#&Rj~KFT?Ht^9PJfOSIbbIEw>YGV2vd#te$F6lHg|ck44>
ziKf$Hw{5V%#*ry$fu--urC3pq1GF;Gof`e}Sp;woHfh1_M46GU=jEYWCT=wET-Ug(
z!15X9F~`@djjM%1a%g;ML+;s&u12eZT%1oaFMn<pA*2Coc9)Z~e9LuZYPN{rU6?g8
zN08VYLy9AENs|o8lQ(N|q|L2OGgCDVDtQbV9GBF&O5oxdqJc`E)|ctBjF47{iIU^;
zT{NxNoaYkqwr?@0Yb;aN-0GM@u%Yj$9c`Axma8X;+~-nYIniRJ0*CX8F#CMB7e%Uc
ztbaWcyT{_ZS?PPzU{b$M#TzzY5Kl9P&l6RDOe~pPH1zSh3rW8vt_)XUS0G4OLKJcc
zF8yI+K$5+Qkm_7oP_7fAJl9qO6<qJUoM@*wuTKLO@7sDqp3gYp+r@d<WrMMi0b|2r
zc%Y)CrYd4vDHm7VnQO{5r=_Af!J0a?y?>*~<)pS5Nn$LzkDB;okBbv?AsGli(DhL$
z0Bty_EhmsYUWkIu7(+JXPA5eqS5s473m59R?nR0Vuktokhg9jTjbiIH3wtAEIg=JE
zDbxd!VHjeb@Tc&qoh909bbRodrr+#us{g1dySctR!h$<{_?bw9713eG6l0coV1K)}
z3rn{UFkaWT#M&Fkw?=8?@rk#DV}DXEQ-n(Ta<dSXQR>eo#dWEgXpKk2Nj`-nFC`LE
zMz^%QGD-u`Io{?{;og>$kJ7#v2sb1-be&>)GCGFo0`E9V#hMEVTclrPqGD5-<2D7k
zudXzOY=p^<B4E#`>^M&8Zi8HUM1LL-alg%LeZz?;ik50C%R<{PcI0;0yT(erZW&_4
zm}@*S$%2qQC^ZjWGyx1=$VGnImdpjcI)<NElbT<6>UdORK1W94kQ}USVqnAewz^#8
z0+Cd87stU_L~cRK#)yB!bpRGR!r@j!y;FC?fDX8@L>AV`5Gi%j;#V);>VK_#s&;A!
zdn$G4@GaRzeW+iSxZo9VbZ|DIr31GjJs+UGp<ok&WkeZw(zXjV(Ha;{Hl?JtSkgsT
zBb#*7qFU_~d9G=f$&xref`W?}_j*HJ0ZEA{OBj~IqS-F<<MuM5jpe|H!G?p$N+wH2
z7j;M<d*l%MW?<3F^#z0aEPq)pD+mt*-MR+_(4&5SK2-r~VzjUjWW?5EL?)Iu*&U~1
zV_>PbB2~h60{5n=0e>BN=Y%<MRP+=@i4r=wgrWdTTDm}3L6vYlG2WIvCeRAUTwE`)
zUf3Cu&g#pPwCYLJJY0K3BB-mqDjAh&tZT8rNAtXoQx8}lEeAT^9Dkj}XiTXj+4d>7
z?5uKW?6bIQw^6<};tpACPf^Gdd9ER$;ish$YI2!dESs#D)(1Eh>2psqE0Ta6dc|H#
zjyNsg$ms2mW2l9<=5E_6+`HK>?aD`kJuKONWgO0%h^=d7FjhGMNP2MyLIJOvle5VA
z{pqME=ng*kP;1IHbbo`+P&JPu?_^nBurziNe3aOdTR{uk!#RSu%Q_(mfOhOlKyo)(
z&dZ6u4!)1?b%j*AX&DFkX@w3Z-dK$((F{tV$QT{v{X`!Z@S3f9M@A0Jn3y$Ch#Ad7
zqr$;vRLVz^>l^Q|-%=XAV*Cr~!E4e`%$05I9VZyJ2F5X|<$oNm>z#04P<T|#DYpuM
z70%?g*siX*H0#F^f~<a$L`54`ihF;8J$H>AZ|}7(wY4IP$*P8(j1WmFWKn4<&&(x(
zaUj&tNgP>$O;RDhn*N1$4h@N47e1uGR9^LLHSt13`i^%Bs>-zH2=%AbYP4M#vEgmC
zt_pPrtUP$C;(x)ODx+8(mYdSNmJK;H3}+P6z!+rXE~#9DngrDjg^;Hlhhalaoca7L
zbLZ>wVljyfRBL=KbKym%j}%kGYi(Z9=qzoVuFZyGvDRJ%^rF&CyB9*XX?EULWt7X9
zWz33nv}#@$QQ{E?4x_L>6jXq(;rnW9p^Xm4A_qxqTz@I+EFCSavzR*4X>y1EKaV3m
z(g&vd{x2(CJA3y2uy??Z_rLG_{)511oSelT?|&)k<NMzaLT~#2_2Zi7yGh>TWZ&U`
z8mG{={7;a?$M?S<gueI;cH#nVA^<oEnlA5^Z$C$#sm}r63sCdDxc1!^Y+A4ETF@>$
z(68&VZj<~AD>C(6*mqx|05FS%ehoe~E%@R`<clx9hJOM-=N=Ca!EIc0H}G{#g7<He
znzptpuz&FilUWQ)e_{vVQ(@;m`1P}0rSqWAbHF@@6ZrI)*R1uy{qZO8-@gI>;{h0a
zLcy<q*@Rz!y5DvcsQB$r)+rbltzXYO6u$xD0Q@`n6o8+<`0*9cpWvage`va@%3{|p
z+UMC;!RO%j-+*o87r>{#X{>V`#9;GK5|rIM%g;UsKAmxbf41j=zZ?(vG%n^~&$8JB
z6oR~4Gkh-&zvTRuAmC?>|898qu=p8b5CeA$d<MP&i6DLf=^wUwg`{|C#5WkPE%U`)
z1^DVKwl|Cn&MNL|o62`*Aij5xn4j5mRLp@`7LU-HW4x^G@b~7Sly46ExbdYGeDANI
z)5V!L2l{Uye|Ua=p8XM&^~~$%-@zAu$r=!D#s+pXyJ_x|`U?2eD}hfxb?wHVRnCHc
z`qST$C-(cVf12-@88f7>?uWZb3;ykIPr_aVzx(d@tnyOS?&chQF%S0gGJeeX#Y+_a
zJweOLvE3AS$(~1idGgIS_oLrN?_Hx8xz%rL8#23if2Hn`692`x1HT8q{1W^S0K3L{
z@8+1pzKz|NJaDEtU+a6FLy>0!dq$oy7$g3{4eiz+?D1zV`UcQnBYO#K9<I##mnr%X
zx!0-t*PU~8V+iw1(a-<czP0VPjRVnV>npf!vAt}aO=Kt83dlpRXweohy69VhK$d8k
zyOO9<f0AAQeb11Rt!plT>poNi7;$*#aOTVzO15pAKK<3F^yyRzPhF1;H|E-zxwn#R
z{3RtfSjsSz8~PTvaL*ZAw9-D!72`CXAC1c`(Gv<<rd57nledi;D^NUPlW%NHX4MNF
zWIFdZHswu<*JB&l$~0xND)q&bqy<w~2?rUEe-faL+A_+t3Y|YDhCzW-#Ls|QECD=V
z1pf*3+i;cx9a4!cFMy#TuneFglT66i4Yw>&axHw6{?E5MJiBWtd=~JSE0-EEXk7yx
zMe)>KbCwCHs|*z~;c<$f=_N)Z#WNxQnl>+j&cYL^M6l~YWgwAM-zqRItq$*L3~7yC
zf8>Pea1FicPe3B+6Q_WkjpkfMB6|}h*>+xNCuLi5I8*Z(`};@=G=(qS7`v}>g1;BK
z$TEJ@v7E}9t&v`rFH(0Aa(X5PWnSrlb?*nv45p)jRd>JkjM&)yX^pj?syOq#<>+&E
z6=#uLqXK*W{Nj_I8CF7ZamzL`euP8ke>%2tAH!?}F*24wTW$<3v*L6^zzZxe<{QLA
zILAgHB-1%i@4|*SEHPTwPR%?qd`h}`THEvq<`VIL#2rf$WgeKejLf<p<5XeJkqB0m
z1wLs}f;vkXx92Pub0bGGs8p&D&CMc~3d@1gOpLyZZI0ey?hnvxb+27-PTbbCe|X4h
z8BitstRRQ>paL`C`g6iFVh|v)P-BAr6EEa$oF`OGUqQ%0woAofj|n0>$V_USoo5*o
zkoMbXZOqX=CFoY?D{6=VCwXF2*RYBjJoIR??9#-D4lg8x@_D#Js9iym-KvO9R41V8
zy53-2*6l*bt|XFv4lkXA()F>Pf8ZKu#8nYdD~$lY3*K(vK|?+qN3XU>kPJiI_wLTU
z;rLzoK_0tV#$&+zNxG_J1{GqD1p1~f`qXP>=-n=4?PQJpX^pz=p`&~1DUl$Uxq0lZ
z3_4+@j0k6-bPhmB#OCi`v#$>+V<8vl9{n`{iTy!s3}&yOZ}!*se*4u~e_3zsaE)1)
zh6VqWIrJsZt-t@M{{F|F4)=e@ksA=~U~}mAe=hpp|Fh4gt>1sm&WHQIW5@$y|3oaM
zzR-{=V_*J#Ie9}?Kxt~=`T_pHMEEX)ATlx+bfY13&SofH$_nG5ifc+|uej@6%p7~^
z@PC}M=g#vP)9gprEiasle@n;X&SL6#rw(@qWd0S>L30j1$NlktdN!L5_<sz!h2|b)
zj$85HzHFTT`D{A;{^KZe0Q|=gVJey8-*TalbNZQFa}~PVD}UqJOr-lMa^$$)GC0Y;
zXLNm4<cavtvZ$?9nBKtBk0$z}IFCcV=3)Ai-T=7U^Zz>kKR+ArOaB;BKmX!-;=p!r
z|MQ;`T^P>)2-1E2`c~>-a~S@2dH3_TPfv;e+4_b|#3BPLIqZ`5@|&OkAcG7t$RL9Z
P^83jT-w5Oj08jt`&u&{k

delta 4631
zcmV+y66o#QCDtX79XwH`lNy8op#>p8LeP_PvG0pm1(|&JL9(58w)QNJXS&L#>ODZ`
zaL@0a^<KblUHFqfn2?!hl6)Lz`sI;XGJn#U=lHVm>pph<=KbloJD4Jf|AzkwipD<y
zk@pAT_vxem;iifH&>HZ_fBIedj}thKqZmTX{zp-a{FwhAg5LOl{(BjfP5ZKL?3bxO
zK3ARdzI41J|51dde&K)ee)yRGAAn}RKg})&*_oEOJlPyNx)^`IT(L)XdH*>)u78%A
zvb<&?vI_}Zy6ni<!&kv5^h2BD=~XLub15Oabrg4ce?}5QC86UvGs8#=O(oR=ebZ^&
z-bxdf<`&EK8RoprVjnqzbO;ZdC{@#2p>eV5b{L0s@Sbv;6?9(H^5T}zJEOgw`;Iy_
z<C#GR!rQ4*w`JK)BDte>Twe|xM}N~^U)Q3+@t5s+qx1-p9FhaJJ#fR8xpjIK6_`OB
z)d>+INZgUhDpLKci0Q3V2pcqxkR<2f&H73%U9XY*u!DI#?6wXnVcOy79MEkd9WJ%M
z?b)q&EeP0Os++#2)(w}!Q687x_IwqCD(#k<EFVq_b-g}^41|$re0JqBsekRUJ7+Dl
z&MUN8ZCrkg`LXv}d|KGNKB<napYf$Ga(*H1hv{VCqn|krHfh`aL|eY^^`2fjQf4&a
zIS`;gX^{hkE;ooP==5=Ua2DiE<$IplxSO1gO8>Zp8uEG*pp0{Fekg5Yj$ARDm6L0U
zkzU~dcl+F65Hqoq`j#Td&3`I~%-p8usKXt;W!BDaHztjaH{XKy`2ROMtK!0cihSG4
z{H6i^ucP-P{cq`4_22g}l0+Bx9`L?&JnH|i>;6yupThB9)PI7)kdO8ML(tQmmb@s*
z;6dSKO<RMCDxF!K2e-WW-~tZ5%$(xU8*1y4wqEk+5A0GTdnZ5LPk(tQUv$=yeM9%Y
z!S09q|8{b*u(b@}ILi9zcDM_1%OkmpdU0Y{+*HnM3}sZ#^!jF^%$luNH%ImM(6J05
z*T0XkiT7G1`w4&5flK)IsQ=SJfjej}@3N)44}|cRoN6iVl;V)^=^(r7Y5~cIHVmh@
z?Fo+%&{cX68AlmbUVpea1<vKhZz2o=CZ&oSu2F<mKqiulSLBVj;}h1K-oaJYG;V`!
zklD_NGSg5S>mpC=@!M~KhiQ3v_4{W3ApZYn`TxGwfbZJ>&FTKj^&f!}AM^i1(0%>)
z+U1WmAopqwm{}_cm35xH|0W5)9sIu)`ybZ{|625W`@i?8<9{9fpF~LPm;IkW=#TmT
zA?Oe6|I6&r|Gh`2b_+m`9;{)$`7UVk>~Km3yE0{tILM<gLT2F&I1@R{&T7eRTHQoe
zlersV)+vp862$vK3J8`VNvBd=k$i!SP8uenCE<smKdNXj6!TtFGH%+cT*aovTYC!$
z%k;8q!?y0HLw~Vj;Y@|50B}ucL~Hl#&|S9MXMyY<)*7Pi;*jOcalKE|B|3#+2jLDy
z-Lfze#!S=cg)B|w)W%8JaQ)r^Qp&UzS;zD4Vrd3Z44DIQx?H0+rM1mX^UTtd$VeGg
zsyklR&dMQn{Y@rzalX*xG)cv&)yffAWfUIQ16SA;q<`SyNpol@qS;Cztn#|nGCL|L
zYZsmpUC)%0dP7Y`X*<u%E-PE2u%^x|Cx`&@>N)IqS?<edU*nF)z(&L~h=HZ3H=J%^
zQQeaL9u-=qs0?h;AaSyXuuD-m_=yt7&AFC@%MA#MiS|}qd(^!3@&qBQp2NO-Qg=6n
zyKq)V*njJk>+6Hvs6lninM=uWW!N2I?ue0TiB{VlU*N!w%z9arFr8v7S>7A=eq(Tz
zU^*>!+XYK(9GQ~l7xaC(6wAtKfYv&?SE8RkivaGyCN9~%ATi?ASRK1n;zsk%b%VPy
zEEzC|IlfkHT{YyBW8;fk^02sQO0+J>rE!iqVSl>}Ar;sx_Bkm@w_KB_W{2?Jh1no;
z1PRS4q*x*sRZ$l`X}b|d+T7VRGgafDkf)%*aZ#D81TGj54OH5+xlET;gtUB2lq{R?
zqiM5YJ(rMneTzX|W0{ibR;Lt#b!|`WX|p7DY(0tOAr}M7iI!^xI2voh?DPFW5UA3z
z4u44Oo(f~T)()o5q<)<WH*CNlj%IY9BdY$CSQ5Ex=+ku{l735E8MeZ%K#(j5fzKhh
z^oOkuiS{-^Dx<WZTq6W&uB|%CyPmO{Xs0kX=K+fkZM`K811EgDFou0L=vxWUw+jpp
z6tq+oS!gTy;tG3nL%HU(l2s?zQ0KOHWPhoglr|$tY=Iu4CO+Ha^2}UF2EvbYec}s1
z9nMP2@??(}0<SUpkPW%hi4n=x)Rfo!g*t6|fnvj}v`dvCl{;%I+giPVy%DmUNsZ+c
z>H$&Lbs<l<b9hw^k@gx5AH1gNw}+eJKWfT;t}l<UU=0s9h%{Ie9d=4FW|arFdw;tu
z=oSLT>&6xr_7?K3Q5-pZ;w=8upXJLGp`y0hE(LiMd&8vIE>#k>@rXFdr;y~tL`2Hy
zmX=pWZU8#R+gvQ%+iLPr+7|-;h9t+XlTA-T$1q*u9ZM-#b0J}i^ovZ8Z7OrzrXUa1
zm8Os_KiN?P92jLWj#IkdB9|VK27g32?DAUMvI2^trP4|g-}cKrxf>3yzE-X~h8QvC
z8c$5JBqR??&7&7h0D~7&k)L-Zb3w0;?kCoy<QI-Qos^i%k&!qiM{Aep*s!~;FBhpm
zL`B)habO6@El3wJ;-7F0fccJa*!58FmHjZF1J19IrFGT?O4+vf)r)spD}SA<y%NHn
zLLEDNM|M#kYL^wxdj%XFoo#4oz^zD)BXrPZY(lV%DC17tb)hO)1EWf&nAFySbkX&=
zNV;iRt@pAt*R;!Ii7XdE!9|FBt)Z@fC`XjV4=aAz>{j_{cNx*fa^T}&!@*=FlO>_c
zI;2lMatwVlu;|t1f<b+jtbbM&golA<-Gc(?Q9n1%Re+ip%`bTgv9%bHh}BJU$En!r
zSn91wg|MB#y{SsTT}RG2V-6e@Jw;K1h)ymc%fN~jFA!ExC0tL8w_BVNXpLhou9aBN
z?{!gIXsffh?n%@<UVB6&sH?p$8HH)AYq7*f(>TPb2W(E30~t3*BY!a(lPgiOeabC6
zt6b@aEbiJ}lyCI7LzcU96mmqKt4OH(X{m>*ROZ%Vk*t~42UrE^b5ArYl7Jn0y||Vv
zabCia-rFI|P)l#a-gZ@ZaI<~dm5&B{TrK*wel)hxqORpZU*`lMYQ-@KdAx4U&NAl?
z=aVd>d-&)>ttr*e4SzDAY92@0OOmo&(Ab6dQDR5#cr|Q~Mg*~!O+pd??bw%qWN(s`
zmlJ&*d>=n(GAVb{Dh~4V8XZi$u^LmP8I(eiF*-?yi9Rji&7$fZ2{|%jV%9(*Wb^_W
zWfnH0QaX`r-+0Hvj#BA0<6lS*-jKR%u5JC`IKi;fF_uX!=YM$J?D_kG!lPnVzEuD$
zvnIR4_I1ssSwD^tWc8CM$m+0`-TM>lxohk>`=EBItrl5KRyFKogg}bn0u`syU@i%a
z1EGpe!noiUNy_I})4$Npu_5v6(uZW2%By}+O&lMQzT=&PsxqxPLj5VV8g(B=i}1GI
zRE4q!)*d`n@qb`Xm0qlmt8Hms%Z3~phSiH{V05x^S5&S-O@gY&g3nWy#jv3!3@$e$
z*0`=N7L!OowZS(M8(t*(L@_nIQRfwnwxIR%wb@b&thLtxy{uHz?)h-hG<$ESF!E*0
zGG<LWYBev6DB*+y$C2M03o5`j@O`zlR7VF}AV*PXTz@g^EDbF!Lr5L*Jh{XFpT`j&
z=>yY!|Cg1nojrSh*gN3I``>qd|3S=U62}pgyubgwKQ8+C{`UjW+x~y^xaRq8lJ_{-
zcle*4cl~etkI@u;-~W^N$M?S<gueI;cH#nVA^<q^swN%eZ$C$#sm}r63sCjFxc1!^
zY+A4ET9fPxGcwIx*mqx|05FS%ehoe~E%@RG<clx9hJOS<XCDs_!ChQ*H}FkNg7<He
znzptpuz&FylTi#y0cMk(3>z8YNATaj0srFx7<@v(uYlQvUx1q5b`>c5lhF(pf8jOI
zAK{_0Up8G;WwC1)?elD_;B)Z%Z@@P43*gh=G?ozuG1xqm1Z6kR^0Uu@PiLH<?RntO
z#{)i%i#gb{Y&HRfAn(=;-;2Y~Ilm<c_*vt>8{R!Eeu5apz}*6$fp0+~h@V0Fhpk>C
zDP9@zEyf$md~sI+zW$2sEhB@oe~P=>rt;kxi0|Da<|p<X6>}h##Ur%l7%yu({JnX|
z<=ewPZhU10-}@`*baCd*f&Lo^o}Zs*e*|Sc^ZNOB@Wo%U285fjf!)k*n){@_0zUOh
z;L}fCyYXk0v*4fp^mpWG@%`67&Ueg=8PZqx!(F5W|Ms^h{vd$gefN7-e|aTpcXN)u
zm<M}x89!$H;uQ-2o}gvr*lr5EV$UPKI{D_C`_XTs_pZ^4-0HWr4VhiMR`*DW|6<&M
z--BO%34REGUE{oWbIf7i#_lT~IMbZ3^}Wua$TNXGBhMI&5&z(ZcIyxJ_!Ad>3+S(r
zy#h85S7!aI6n%)?>(u@0f6h6&F@$-h{<D3n>uuYHqR-K<;GCgryV*-*$5{pBVf`33
zYz2%CeH#$a5+ieyNR^W8`rr3lO0p$cYLdeB9;yojb@|PEFV8)flCCGN>(XC;^#%QP
zDn+E+C&yL79%kXMG#kB7=@{JUDAF7Hr4De<8#%PnKFyWmw4NW0f2u9f6AD_UQ~hA$
z-&!?JXhg!sAJ~Z8suw!Qbsq0*#vhlj$F{JQS<2+p>dPrf3q@Tm9AqL+fHr2!DAOu+
z{*)L71x~4c0&1}Y@PHA5XVh;aSPpbZHMYD2hDN|LfQn8ssTGg5EHQd51C;(Jwl+NT
zwUz-3g%XBSBL=Nof1sl%p7OO|nS{EkP@xl{Qepw;Y{?ZmS&(y@UbPRdKNpSQ8D9{s
z(aZYn`EDzFh1lhDBUr50r~qQV`}M7z8Jj1#-?EKXKVUDyLbeDn%tjK?V2Lm>R|3``
zi^-5hI5kkL5*xrgY`&3*G!!zZcc~fy1;^{c4H^%^p3`Hnf9H)&PaMZj8cl=Sa;mPv
zi8eBHIv}If4ob{vRloyls<(h&9T1Vi;W}GjS2BAOC)svUx<tyhgfd0VJE;0E@|vRX
zWnsMzTUAPz>R%#tmG3Yg6j;ZF=AU9__*pE&RZYdu4q|naK8y~vR&BEi(Z#v`9Zmj(
z3G1utdh=k^f3K<s3{*bC>>q>xt1=`NA@`x`gMwZI*4j8{cH}^&d>ILv7mjsfO=0z2
zg9JNA2?jXR3j!*l24JT!LxQD`{YY??Csa*8!L-4mE5+kHBna7HDQR(vMV0|y(*9H0
z81rn;^}9*VD{6=V$9Yolme#pw_;rtYsxECUcIb_ue<u*p4tjP4ZQ5#LHa49|ZR>iY
za8<X94ZD(92RU$R9BCe4J>e}*oG@jmtTh6vF2!L39~ue(9d@;4=2K9=eedq18qn88
z{By;#Oeo;@Bwf`ge~qytf&N?<YxPDMdLI_D!z_$Fan8E^p`&~18<`+V@m%?<0-v!`
zMocm^f0o=67PG}4uh~D}Qz}A7t$Xy>KsWXswXx^KUqRpO$B+H~YtyaX+Tniki=^e~
zUu6z^$#d`bANB8l-06Jy{^KO_8K67b9QOU6dH?%=?&b90`>)y6aQ}A-IVbi{3|!j_
z4Q(>^{_mILH{=DBriMHS@ef=?>@o=AEDK3De;U%}Yz31{S?N4faZBm!jo{vV=DByC
z_{F<?;k}qK%g=1x-Q1gBd%p0NQ_sKf1RntW|Bwzgbo4nMkN?xl*>u4FQ^-AR_$YJS
zi~sI*%l=oh>G1u>N#qFlk0GK|Gb29a(jYYrGQAci;@g{G<GW0z`zdmy!v0-2$v$Ru
zaeY;$llY(GP+O;Ty@AZ1OzcH*t|GA(QTmnM0C?E*|0e&xx*YKT6w<VRd5dvmKX|<T
zr$iS9`=3C%?Qbuyjy6ZZ|E?cyfA`{o_@8Sp(xj3ZSjlmhw3lz({(}rM$RL9ZGRU_l
Np8yoyHmm?p000^^J3RmZ

diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index 44e17d8..b23d4ff 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -79,6 +79,19 @@ rc-service networking start
 ## Setup temporary SSH server (root login, no password)
 ## we use some bundled or optionaly provided keys to avoid generation at boot and save time
 apk add openssh
+cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
+cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
+
+cat <<-EOF >> /etc/ssh/sshd_config
+	AuthenticationMethods none
+	PermitEmptyPasswords yes
+	PermitRootLogin yes
+	Banner /tmp/.trash/banner
+	EOF
+
+cat <<-EOF >> /etc/conf.d/sshd
+	sshd_disable_keygen=yes
+	EOF
 
 # banner file
 cat <<-EOF > /tmp/.trash/banner
@@ -90,26 +103,15 @@ cat <<-EOF > /tmp/.trash/banner
 # bundled temporary keys are moved in RAM /tmp so they won't be stored
 # within permanent config later (new ones will then be generated)
 mv /etc/ssh/ssh_host_*_key* /tmp/.trash/.
-
-cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
-cat <<-EOF >> /etc/ssh/sshd_config
-	AuthenticationMethods none
-	PermitEmptyPasswords yes
-	PermitRootLogin yes
-	Banner /tmp/.trash/banner
-	EOF
-
 # inject optional custom keys (those might be stored)
 if ! install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
-	echo "HostKey /tmp/.trash/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
-	echo "HostKey /tmp/.trash/ssh_host_rsa_key" >> /etc/ssh/sshd_config
+	logger -st ${0##*/} "Using bundled ssh keys from RAM..."
+	cat <<-EOF >> /etc/ssh/sshd_config
+		HostKey /tmp/.trash/ssh_host_ed25519_key
+		HostKey /tmp/.trash/ssh_host_rsa_key
+		EOF
 fi
 
-cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
-cat <<-EOF >> /etc/conf.d/sshd
-	sshd_disable_keygen=yes
-	EOF
-
 rc-service sshd start
 
 ## Prep for final post-cleanup