Do not save SSH host key in baseimage-docker. Instead, generate it automatically during boot.

README.md

@@ -73,10 +73,15 @@ By default, it allows SSH access for the key in `image/insecure_key`. This makes
     # Remove authentication rights for insecure_key.
     RUN rm -f /root/.ssh/authorized_keys /home/*/.ssh/authorized_keys
     
-    # Use baseimage-docker's init process.
+    # Regenerate SSH host keys. baseimage-docker does not contain any, so you
+    # have to do that yourself. You may also comment out this instruction; the
+    # init system will auto-generate one during boot.
+    RUN /etc/my_init.d/00_regen_ssh_host_keys.sh
+    
+    # Use baseimage-docker's init system.
     CMD ["/sbin/my_init"]
     
-    # ...put other build instructions here...
+    # ...put your own build instructions here...
     
     # Clean up APT when done.
     RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

image/cleanup.sh

@@ -6,3 +6,5 @@ set -x
 apt-get clean
 rm -rf /build
 rm -rf /tmp/* /var/tmp/*
+
+rm -f /etc/ssh/ssh_host_*

image/system_services.sh

@@ -5,6 +5,7 @@ set -x
 
 ## Install init process.
 cp /build/my_init /sbin/
+mkdir -p /etc/my_init.d
 
 ## Install runit.
 $minimal_apt_get_install runit
@@ -20,6 +21,7 @@ mkdir /var/run/sshd
 mkdir /etc/service/sshd
 cp /build/runit/sshd /etc/service/sshd/run
 cp /build/config/sshd_config /etc/ssh/sshd_config
+cp /build/00_regen_ssh_host_keys.sh /etc/my_init.d/
 
 ## Install default SSH key for root and app.
 mkdir -p /root/.ssh