diff --git a/board/common/overlay/etc/init.d/S60sshd b/board/common/overlay/etc/init.d/S60sshd
index 4d402056f6..9e3ff1c878 100755
--- a/board/common/overlay/etc/init.d/S60sshd
+++ b/board/common/overlay/etc/init.d/S60sshd
@@ -1,8 +1,12 @@
 #!/bin/bash
-SYS_CONF="/etc/sshd_config"
-USER_CONF="/data/etc/sshd_config"
-CONF="/var/run/sshd_config"
+SYS_DIR=/etc/ssh
+USER_DIR=/data/etc/ssh
+RUN_DIR=/var/run/ssh
+
+SYS_CONF="${SYS_DIR}/sshd_config"
+USER_CONF="${USER_DIR}/sshd_config"
+CONF="${RUN_DIR}/sshd_config"
 PROG="/usr/sbin/sshd"
 PROG_KG="/usr/bin/ssh-keygen"
@@ -18,24 +22,32 @@ test "${OS_NETWORKLESS}" == "true" && exit 0
 start() {
- msg_begin "Starting sshd"
-
 # merge user and sys conf files; options in first file take precedence
+ mkdir -p $(dirname ${CONF})
 if [[ -s ${USER_CONF} ]]; then
 cat ${USER_CONF} ${SYS_CONF} > ${CONF}
 else
 cp ${SYS_CONF} ${CONF}
 fi
+ # ensure various dirs existence
+ mkdir -p ${USER_DIR}
+ mkdir -p ${RUN_DIR}
+
 # create any missing keys
- if ! ${PROG_KG} -A >/dev/null; then
- msg_fail
- return 1
+ if ! [[ -s ${USER_DIR}/ssh_host_rsa_key ]]; then
+ msg_begin "Generating ssh host keys"
+ for type in rsa dsa ecdsa ed25519; do
+ ssh-keygen -f ${USER_DIR}/ssh_host_${type}_key -N '' -t ${type} >/dev/null
+ done
+ test $? == 0 && msg_done || msg_fail
 fi
+ msg_begin "Starting sshd"
+
 umask 077
 hostname=$(hostname)
- echo "Welcome to ${hostname}!" > /var/cache/sshd_banner
+ echo "Welcome to ${hostname}!" > ${RUN_DIR}/sshd_banner
 sync
 ${PROG} -f ${CONF}
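Review bot: The new host-key block in start() tests only `ssh_host_rsa_key` and reads `$?` after the `for` loop, so a missing ecdsa or ed25519 key is never regenerated, and a failed rsa, dsa or ecdsa run is still reported as done whenever the last (ed25519) call succeeds. Unlike the removed `${PROG_KG} -A` branch there is no `return 1`, so sshd is launched even when key generation failed. The loop also creates a `dsa` host key, a type OpenSSH has disabled by default since 7.0, so dropping it is worth considering. The sketch below checks each key file on its own, reuses `${PROG_KG}`, quotes the paths and stops on the first failure. start() continues past the end of this hunk.

```shell
    # create any missing keys
    for type in rsa ecdsa ed25519; do
        key="${USER_DIR}/ssh_host_${type}_key"
        [[ -s "${key}" ]] && continue
        msg_begin "Generating ssh ${type} host key"
        if "${PROG_KG}" -f "${key}" -N '' -t "${type}" >/dev/null; then
            msg_done
        else
            msg_fail
            return 1
        fi
    done
    # … unchanged: msg_begin "Starting sshd", umask, banner, sshd launch …
```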