Regenerate SSH keys

Dockerfile.m4

@@ -327,7 +327,10 @@ m4_ifelse(ENABLE_32BIT, 1, [[m4_dnl
 		xfce4-xkb-plugin \
 		xfpanel-switch \
 		xubuntu-default-settings \
-	&& rm -rf /var/lib/apt/lists/*
+	&& rm -rf \
+		/tmp/* /var/tmp/* \
+		/var/lib/apt/lists/* \
+		/etc/ssh/ssh_host_*
 
 # Copy Tini build
 m4_define([[TINI_IMAGE_TAG]], m4_ifdef([[CROSS_ARCH]], [[latest-CROSS_ARCH]], [[latest]]))m4_dnl

scripts/bin/docker-foreground-cmd

@@ -2,11 +2,6 @@
 
 set -eu
 
-# Disable xdummy if there is no graphics card
-if [ "${DISABLE_GPU:?}" = 'true' ] || [ ! -d /dev/dri/ ]; then
-	unlink /etc/service/xdummy
-fi
-
 # Create unprivileged user and group
 groupadd \
 	--gid "${UNPRIVILEGED_USER_GID:?}" \
@@ -38,12 +33,22 @@ unset UNPRIVILEGED_USER_PASSWORD
 # Dump environment variables
 export-env >> /etc/profile.d/env.sh
 
+# Disable xdummy if there is no graphics card
+if [ "${DISABLE_GPU:?}" = 'true' ] || [ ! -d /dev/dri/ ]; then
+	unlink /etc/service/xdummy
+fi
+
 # Create RANDFILE if it does not exist
 RANDFILE=${RANDFILE-${HOME}/.rnd}
 if [ ! -f "${RANDFILE}" ]; then
 	dd if=/dev/urandom of="${RANDFILE}" bs=256 count=1 >/dev/null 2>&1
 fi
 
+# Generate SSH keys if they do not exist
+if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+	DEBIAN_FRONTEND=noninteractive dpkg-reconfigure openssh-server
+fi
+
 # Generate self-signed certificate
 if [ ! -f "${RDP_TLS_KEY_PATH:?}" ] || [ ! -f "${RDP_TLS_CERT_PATH:?}" ]; then
 	KEY_FILE=${RDP_TLS_KEY_PATH:?}