I can’t find the right way to inject the ssh host keys into a system with etc transient = true.
As I understand it, depending on external mechanisms is fine for the installation phase day 0, but it generates some doubts:
- Wouldn’t those keys be lost after a restart?
- Is it possible to modify those keys on day 2 with a bootc update?
- Is it advisable to perform a systemd drop-in to the SSH service so that it moves or reads the keys in some persistent path such as /var/ssh?
Thanks