--- /dev/null
+#!/bin/sh
+
+# Create files for SSH server
+
+set -eu
+
+
+cd "$(dirname "$0")"
+
+# Generate new keys so nobody else can login as this user. Host keys would be
+# safe to commit but lets not needlessly commit private keys anyway.
+if ! test -e sshd/ssh_host_key; then
+ ssh-keygen -q -t ed25519 -N '' -f sshd/ssh_host_key
+fi
+if ! test -e ssh/id_ed25519; then
+ ssh-keygen -q -t ed25519 -N '' -f ssh/id_ed25519
+fi
+if ! test -e ssh/authorized_keys; then
+ cat ssh/id_ed25519.pub > ssh/authorized_keys
+fi
+if ! test -e ssh/known_hosts; then
+ printf '[127.0.0.1]:29327 ' > ssh/known_hosts
+ cat sshd/ssh_host_key.pub >> ssh/known_hosts
+fi