diff --git a/srcpkgs/openssh/files/sshd.service b/srcpkgs/openssh/files/sshd.service
new file mode 100644
index 00000000000..fa3d3f278b0
--- /dev/null
+++ b/srcpkgs/openssh/files/sshd.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=SSH Secure Shell Service
+After=syslog.target
+
+[Service]
+ExecStart=/usr/sbin/sshd -D
+
+[Install]
+WantedBy=multi-user.target
+
+# Note that this is the service file for running a single SSH server for all
+# incoming connections, suitable only for systems with a large amount of SSH
+# traffic. In almost all other cases it is a better idea to use sshd.socket +
+# sshd@.service (i.e. the on-demand spawning version for one instance per
+# connection).
diff --git a/srcpkgs/openssh/files/sshd.tmpfiles.d b/srcpkgs/openssh/files/sshd.tmpfiles.d
new file mode 100644
index 00000000000..075395151a6
--- /dev/null
+++ b/srcpkgs/openssh/files/sshd.tmpfiles.d
@@ -0,0 +1 @@
+d /var/chroot/ssh 755 root root
diff --git a/srcpkgs/openssh/files/sshdgenkeys.scripts b/srcpkgs/openssh/files/sshdgenkeys.scripts
new file mode 100644
index 00000000000..91a86706e53
--- /dev/null
+++ b/srcpkgs/openssh/files/sshdgenkeys.scripts
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+if [ ! -e /etc/ssh/ssh_host_key ]; then
+	/usr/bin/ssh-keygen -t rsa1 -b 4096 -f /etc/ssh/ssh_host_key -N ''
+fi
+if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
+	/usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N ''
+fi
+if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+	/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
+fi
+if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then
+	/usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
+fi
+
+exit 0
diff --git a/srcpkgs/openssh/files/sshdgenkeys.service b/srcpkgs/openssh/files/sshdgenkeys.service
new file mode 100644
index 00000000000..8edfa65d253
--- /dev/null
+++ b/srcpkgs/openssh/files/sshdgenkeys.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=OpenSSH server Key Generation
+ConditionPathExists=|!/etc/ssh/ssh_host_key
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
+
+[Service]
+ExecStart=/lib/systemd/scripts/sshdgenkeys
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
diff --git a/srcpkgs/openssh/openssh-server.template b/srcpkgs/openssh/openssh-server.template
index 81a3ff5bd3f..37f0cfb245f 100644
--- a/srcpkgs/openssh/openssh-server.template
+++ b/srcpkgs/openssh/openssh-server.template
@@ -5,8 +5,10 @@ long_desc="${long_desc}
 
  This package contains the ${pkgname} server files."
 
+revision=1
+
 conf_files="/etc/ssh/sshd_config /etc/pam.d/sshd"
-openrc_services="sshd default true"
+systemd_services="sshd.service sshdgenkeys.service"
 
 Add_dependency run glibc
 Add_dependency run zlib
@@ -27,6 +29,9 @@ do_install()
 		vmove usr/share/man/man8/${f}.8 usr/share/man/man8
 	done
 	vmove etc/pam.d etc
-	vmove etc/init.d etc
-	vmkdir var/chroot/ssh
+	vinstall ${FILESDIR}/sshd.service 644 lib/systemd/system
+	vinstall ${FILESDIR}/sshdgenkeys.service 644 lib/systemd/system
+	vinstall ${FILESDIR}/sshdgenkeys.scripts 755 \
+		lib/systemd/scripts sshdgenkeys
+	vinstall ${FILESDIR}/sshd.tmpfiles.d 644 usr/lib/tmpfiles.d sshd.conf
 }