Updated sshd config

config/ssh/sshd_config

@@ -1,29 +1,26 @@
 Protocol                        2
 HostKey                         /etc/ssh/ssh_host_ed25519_key
 HostKey                         /etc/ssh/ssh_host_rsa_key
-
-Port 3322
 ListenAddress                   0.0.0.0
-
+Port                            3322
-StrictModes yes
+UseDNS                          no
-
 UsePAM                          yes
+X11Forwarding                   yes
+X11UseLocalhost                 no
+X11DisplayOffset                10
+AllowTcpForwarding              yes
 PermitRootLogin                 no
+PermitEmptyPasswords            no
+PermitUserEnvironment           no
 PubkeyAuthentication            yes
 PasswordAuthentication          yes
-PermitEmptyPasswords no
 ChallengeResponseAuthentication no
-TCPKeepAlive yes
+GSSAPIAuthentication            no
 LoginGraceTime                  30
-ClientAliveInterval 300
+TCPKeepAlive                    yes
-ClientAliveCountMax 1
+ClientAliveInterval             60
-
+ClientAliveCountMax             5
-X11Forwarding yes
-X11DisplayOffset 10
-X11UseLocalhost no
-
 PrintMotd                       no
-PrintLastLog yes
+PrintLastLog                    no
-
 SyslogFacility                  AUTH
 LogLevel                        INFO

scripts/bin/container-foreground-cmd

@@ -45,8 +45,11 @@ if [ ! -f "${RANDFILE:?}" ]; then
 fi
 
 # Generate SSH keys if they do not exist
+if [ ! -f /etc/ssh/ssh_host_ed25519_key ]; then
+	ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N '' >/dev/null
+fi
 if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
-	DEBIAN_FRONTEND=noninteractive dpkg-reconfigure openssh-server
+	ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N '' >/dev/null
 fi
 
 # Generate self-signed certificate