diff --git a/README.md b/README.md
index 064f9f8d0dac65fdae827d8625dc19406b432bfe..19cdb659ac87bd7c07148ceb6fd7efd4c650978c 100644
--- a/README.md
+++ b/README.md
@@ -99,7 +99,6 @@ The openhab-pb stack consists of multiple configuration files that need to be av
   - contains entry for openhab package
 - *nodered_settings.js*: basic node red config
   - copy from template folder
-  - contains `httpNodeAuth` for users
 
 **ssh**
 
diff --git a/building_manager.py b/building_manager.py
index 2db952724041c5c6046f0e4c13f325c3a3c32342..ee3d6a8012de048f03e563820a8ce09d27c8210a 100755
--- a/building_manager.py
+++ b/building_manager.py
@@ -23,7 +23,10 @@ TEMPLATE_FILES = [
 EDIT_FILES = {
     "mosquitto_passwords": "mosquitto/mosquitto_passwords",
     "sftp_users": "ssh/sftp_users.conf",
-    "traefik_users": "traefik/traefik_users"
+    "traefik_users": "traefik/traefik_users",
+    "id_rsa": "ssh/id_rsa",
+    "host_key": "ssh/ssh_host_ed25519_key",
+    "known_hosts": "ssh/known_hosts"
 }
 
 # Default Swarm port
@@ -145,6 +148,55 @@ def generate_sftp_file(base_dir, username, password, direcories=None):
                                   file_content)
 
 
+def generate_id_rsa_files(base_dir):
+    """Generates id_rsa and id_rsa.pub private/public keys using ssh-keygen
+
+    :base_dir: path that contains custom config folder
+    """
+    id_path = base_dir + '/' + CUSTOM_DIR + "/" + EDIT_FILES['id_rsa']
+
+    # execute ssh-keygen
+    id_result = run(
+        ['ssh-keygen', '-t', 'rsa', '-b', '4096', '-f', id_path, '-N', ''],
+        text=True,
+        capture_output=True)
+    return id_result.returncode == 0
+
+
+def generate_host_key_files(base_dir, hosts):
+    """Generates ssh host keys and matching known_hosts using ssh-keygen
+
+    :base_dir: path that contains custom config folder
+    """
+    key_path = base_dir + '/' + CUSTOM_DIR + "/" + EDIT_FILES['host_key']
+    # ssh-keygen generates public key with .pub postfix
+    pub_path = key_path + '.pub'
+
+    # execute ssh-keygen
+    id_result = run(['ssh-keygen', '-t', 'ed25519', '-f', key_path, '-N', ''],
+                    text=True,
+                    capture_output=True)
+
+    # read content of public key as known line
+    known_line = ""
+    with open(pub_path, 'r') as pub_file:
+        pub_line = pub_file.readline()
+        split_line = pub_line.split()
+        # delete last list element
+        del split_line[-1]
+        # collect hosts as comma separated string
+        hosts_line = ','.join(h for h in hosts)
+        split_line.insert(0, hosts_line)
+        # collect parts as space separated string
+        known_line = ' '.join(sp for sp in split_line)
+
+    # write new known_line file
+    create_or_replace_config_file(base_dir, EDIT_FILES['known_hosts'],
+                                  known_line)
+
+    return id_result.returncode == 0
+
+
 def generate_traefik_file(base_dir, username, password):
     """Generates a traefik password file
 
@@ -476,6 +528,8 @@ def init_menu(args):
     generate_sftp_file(base_dir, answers['username'], answers['password'])
     generate_mosquitto_file(base_dir, answers['username'], answers['password'])
     generate_traefik_file(base_dir, answers['username'], answers['password'])
+    generate_id_rsa_files(base_dir)
+    generate_host_key_files(base_dir, ["host1", "host2"])
 
     print(answers)