diff --git a/config/rootfiles/updater/update.sh b/config/rootfiles/updater/update.sh
index e6b26d322..037209dec 100755
--- a/config/rootfiles/updater/update.sh
+++ b/config/rootfiles/updater/update.sh
@@ -63,6 +63,14 @@ echo srv/web/ipfire/cgi-bin/traffics.cgi >> /opt/pakfire/tmp/ROOTFILES
 echo srv/web/ipfire/cgi-bin/graphs.cgi >> /opt/pakfire/tmp/ROOTFILES
 echo srv/web/ipfire/cgi-bin/qosgraph.cgi >> /opt/pakfire/tmp/ROOTFILES
 #
+
+# Remove some files from the rootfiles
+cat /opt/pakfire/tmp/ROOTFILES \
+ | grep -v "var/log/cache" \
+ | grep -v "var/updatecache" > /opt/pakfire/tmp/ROOTFILESNEW
+
+mv -f /opt/pakfire/tmp/ROOTFILESNEW /opt/pakfire/tmp/ROOTFILES
+
 tar czvf /var/ipfire/backup/update_$OLDVERSION-$NEWVERSION.tar.gz \
 -T /opt/pakfire/tmp/ROOTFILES --exclude='#*' -C / > /dev/null 2>&1
 echo
@@ -241,3 +249,11 @@ chmod +x /tmp/remove_obsolete_paks
 echo
 echo Please wait until pakfire has ended...
 echo
+
+echo
+echo Finaly were going to renew all ssh keys
+echo
+
+rm -f /etc/ssh/ssh_host_rsa_key* && ssh-keygen -qf /etc/ssh/ssh_host_rsa_key -N ''
+rm -f /etc/ssh/ssh_host_key* && ssh-keygen -qf /etc/ssh/ssh_host_key -N '' -t rsa1
+rm -f /etc/ssh/ssh_host_dsa_key* && ssh-keygen -qf /etc/ssh/ssh_host_dsa_key -N '' -t dsa
diff --git a/lfs/updater b/lfs/updater
index 2cf06aa50..8e280d240 100644
--- a/lfs/updater
+++ b/lfs/updater
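Review bot: In the first update.sh hunk (`@@ -63,6 +63,14 @@`) the two `grep -v` patterns are unanchored regular expressions, so any ROOTFILES entry that merely contains `var/log/cache` or `var/updatecache` somewhere in its path is dropped from the pre-update backup, and the `tar` call below sends its output to /dev/null, so a thinner backup would go unnoticed. If the entries are root-relative paths, as the echo lines above the hunk suggest, anchoring states the intent: `grep -v -e '^var/log/cache' -e '^var/updatecache' /opt/pakfire/tmp/ROOTFILES > /opt/pakfire/tmp/ROOTFILESNEW && mv -f /opt/pakfire/tmp/ROOTFILESNEW /opt/pakfire/tmp/ROOTFILES`. Chaining the `mv` with `&&` also keeps the original list when the filter fails or produces nothing. The filter chain added to lfs/updater uses the same substring matching, with unescaped dots in its patterns.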
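Review bot: In the second update.sh hunk (`@@ -241,3 +249,11 @@`) each `rm -f … && ssh-keygen …` line deletes the old host key before its replacement exists and nothing checks the result, so a failed ssh-keygen leaves the host without that key while the script carries on silently. Generating the new key under a temporary name and moving it into place only on success would avoid that. Printing the new fingerprint afterwards (`ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub`) would give administrators something to verify when clients report a changed host key. The first call also relies on ssh-keygen's default key type; `-t rsa` would make it explicit, and the same three commands are repeated in src/initscripts/init.d/sshd.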
@@ -55,6 +55,18 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) mkdir -p /install/packages find $(DIR_SRC)/config/rootfiles/updater/filelists/* -maxdepth 1 | xargs cat >> /tmp/ROOTFILES + cat /tmp/ROOTFILES \ + | grep -v "etc/httpd/conf" \ + | grep -v "etc/ssl/openssl.cnf" \ + | grep -v "etc/ssh/sshd_config" \ + | grep -v "etc/ipsec.conf" \ + | grep -v "etc/ipsec.secrets" \ + | grep -v "etc/snort/snort.conf" \ + | grep -v "etc/squid/squid.conf" \ + | grep -v "srv/web/ipfire/html/proxy.pac" \ + | grep -v "srv/web/ipfire/html/wpad.dat" \ + > /tmp/ROOTFILESNEW + mv -f /tmp/ROOTFILESNEW /tmp/ROOTFILES sed -e "s/KVER/$(KVER)/g" -i /tmp/ROOTFILES tar -c -C / --files-from=/tmp/ROOTFILES \ -f /$(SNAME).tar --exclude='#*' --exclude='dev/pts/*' \ diff --git a/src/initscripts/init.d/sshd b/src/initscripts/init.d/sshd index eff98a9f2..1bd23460a 100644 --- a/src/initscripts/init.d/sshd +++ b/src/initscripts/init.d/sshd @@ -12,7 +12,14 @@ case "$1" in start) - [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled + if [ ! -e /etc/ssh/ssh_host_rsa_key ]; then + echo "Generating SSH Keys" + ssh-keygen -qf /etc/ssh/ssh_host_rsa_key -N '' + ssh-keygen -qf /etc/ssh/ssh_host_key -N '' -t rsa1 + ssh-keygen -qf /etc/ssh/ssh_host_dsa_key -N '' -t dsa + fi + + [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled boot_mesg "Starting SSH Server..." # Also prevent ssh from being killed by out of memory conditions loadproc /usr/sbin/sshd
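Review bot: Nothing in the lfs/updater hunk records why these nine paths are filtered out of /tmp/ROOTFILES, and the consequence is security-relevant. Files such as etc/ssh/sshd_config, etc/ssl/openssl.cnf and etc/snort/snort.conf will no longer be shipped in the update archive, so a hardened default in a later release would, as far as this hunk shows, not reach systems that are already installed. I would add a comment above the `cat`, for example `# Do not ship user-editable configuration in the update; changes to these files must be applied by update.sh`. The recipe for $(TARGET) starts and ends outside the hunk.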
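Review bot: The new block in `start)` of src/initscripts/init.d/sshd tests only /etc/ssh/ssh_host_rsa_key. When that file exists but ssh_host_key or ssh_host_dsa_key is missing (for example after one of the `rm … && ssh-keygen` lines in update.sh fails), the missing key is never regenerated; when the RSA key is missing but another key file is present, ssh-keygen is asked to write over an existing file during boot. Testing each file on its own avoids both: `[ -e /etc/ssh/ssh_host_dsa_key ] || ssh-keygen -qf /etc/ssh/ssh_host_dsa_key -N '' -t dsa`, and likewise for the other two. Because this can run on first boot, it is worth confirming that the random pool is seeded before the keys are generated. The `start)` branch continues outside the hunk.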