diff --git a/.github/workflows/image-publish.yml b/.github/workflows/image-publish.yml
index 9a58e298869..c918ebfa8ef 100644
--- a/.github/workflows/image-publish.yml
+++ b/.github/workflows/image-publish.yml
@@ -198,5 +198,5 @@ jobs:
 run: |
 SHORT_SHA1=$(git rev-parse --short=7 HEAD)
 docker buildx build --platform linux/amd64 -f build/dockerfiles/dev.Dockerfile --push -t quay.io/che-incubator/che-code-dev:insiders -t quay.io/che-incubator/che-code-dev:next -t quay.io/che-incubator/che-code-dev:insiders-${SHORT_SHA1} .
- docker buildx build --platform linux/amd64 -f build/dockerfiles/dev.sshd.Dockerfile --push -t quay.io/che-incubator/che-code-sshd:insiders -t quay.io/che-incubator/che-code-sshd:next -t quay.io/che-incubator/che-code-sshd:insiders-${SHORT_SHA1} .
+ docker buildx build --platform linux/amd64 -f build/dockerfiles/assembly.sshd.Dockerfile --push -t quay.io/che-incubator/che-code-sshd:insiders -t quay.io/che-incubator/che-code-sshd:next -t quay.io/che-incubator/che-code-sshd:insiders-${SHORT_SHA1} .
diff --git a/build/dockerfiles/assembly.sshd.Dockerfile b/build/dockerfiles/assembly.sshd.Dockerfile
new file mode 100644
index 00000000000..44ba243a06b
--- /dev/null
+++ b/build/dockerfiles/assembly.sshd.Dockerfile
@@ -0,0 +1,47 @@
+# Copyright (c) 2025 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+
+# UBI 8
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.10 as sshd-ubi8
+
+USER 0
+
+RUN microdnf -y install libsecret openssh-server nss_wrapper-libs \
+ gzip tar which && \
+ microdnf -y clean all --enablerepo='*'
+
+# UBI 9/10
+FROM registry.access.redhat.com/ubi9/nodejs-20-minimal:9.7
+
+USER 0
+
+RUN microdnf -y install libsecret openssh-server nss_wrapper-libs && \
+ microdnf -y clean all --enablerepo='*'
+
+RUN mkdir -p /sshd-staging/ubi8 /sshd-staging/ubi9
+# UBI 8
+COPY --from=sshd-ubi8 /usr/sbin/sshd /usr/bin/ssh-keygen /usr/bin/tar /usr/bin/gzip /usr/bin/which /usr/lib64/libnss_wrapper.so /usr/lib64/libpam.so.0 /sshd-staging/ubi8/
+# UBI 9/10
+RUN cp /usr/sbin/sshd /usr/bin/ssh-keygen /usr/bin/tar /usr/bin/gzip /usr/bin/which /usr/lib64/libnss_wrapper.so /usr/lib64/libpam.so.0 /usr/lib64/libeconf.so.0 /usr/lib64/libcrypt.so.2 /sshd-staging/ubi9/
+
+# sshd_config is root:root 600
+RUN chmod 644 /etc/ssh/sshd_config
+RUN cp /etc/ssh/sshd_config /sshd-staging/
+
+# Add script to start and stop the service
+COPY --chown=0:0 /build/scripts/sshd.init /build/scripts/sshd.start /sshd-staging/
+
+RUN mkdir /opt/www
+COPY /build/scripts/code-sshd-page/* /opt/www/
+
+# Lock down /etc/passwd until fixed in UDI
+RUN chmod 644 /etc/passwd
+
+EXPOSE 2022 3400
+
+USER 10001
diff --git a/build/dockerfiles/dev.sshd.Dockerfile b/build/dockerfiles/dev.sshd.Dockerfile
deleted file mode 100644
index 812ecf918e9..00000000000
--- a/build/dockerfiles/dev.sshd.Dockerfile
+++ /dev/null
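Review bot: Both `microdnf -y install libsecret openssh-server nss_wrapper-libs` lines (ubi8 stage and the final ubi9 stage) are unpinned, so the `sshd`, `ssh-keygen` and `.so` files that end up in `/sshd-staging/ubi8/` and `/sshd-staging/ubi9/` change with whatever the repositories serve at build time, and the `LD_PRELOAD` sets hard-coded in `build/scripts/sshd.start` (`libpam.so.0` for ubi8; `libeconf.so.0`, `libpam.so.0`, `libcrypt.so.2` for ubi9) silently stop matching if a soname bumps; pin the package versions or at least record the resolved ones in a `LABEL`. The subdirectory names are a contract with `sshd.start` (`VERSION_ID` `8*` → `/sshd/ubi8`, everything else → `/sshd/ubi9`) that nothing here states; above `RUN mkdir -p /sshd-staging/ubi8 /sshd-staging/ubi9` add `# Directory names are part of the contract with build/scripts/sshd.start: VERSION_ID 8* selects ubi8, all other values ubi9`. The single staged `/etc/ssh/sshd_config` comes from the ubi9 stage but is also the config handed to the ubi8 `sshd`; if the two OpenSSH builds differ in accepted directives the ubi8 path fails at startup, so either confirm that or stage one config per variant. Minor: `as sshd-ubi8` mixes casing with `FROM` (BuildKit's FromAsCasing check); use `AS`.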
@@ -1,30 +0,0 @@
-# Copyright (c) 2025 Red Hat, Inc.
-# This program and the accompanying materials are made
-# available under the terms of the Eclipse Public License 2.0
-# which is available at https://www.eclipse.org/legal/epl-2.0/
-#
-# SPDX-License-Identifier: EPL-2.0
-#
-
-FROM registry.access.redhat.com/ubi9/nodejs-20-minimal:9.6
-
-USER 0
-
-RUN microdnf -y install libsecret openssh-server nss_wrapper-libs && \
- microdnf -y clean all --enablerepo='*'
-
-# sshd_config is root:root 600
-RUN chmod 644 /etc/ssh/sshd_config
-
-# Add script to start and stop the service
-COPY --chown=0:0 /build/scripts/sshd.start /
-
-RUN mkdir /opt/www
-COPY /build/scripts/code-sshd-page/* /opt/www/
-
-# Lock down /etc/passwd until fixed in UDI
-RUN chmod 644 /etc/passwd
-
-EXPOSE 2022 3400
-
-USER 10001
diff --git a/build/scripts/sshd.init b/build/scripts/sshd.init
new file mode 100755
index 00000000000..0f795129839
--- /dev/null
+++ b/build/scripts/sshd.init
@@ -0,0 +1,22 @@
+#!/bin/bash
+#
+# Copyright (c) 2026 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+
+# copy provisioned data (from che-code-sshd) to shared volume
+cp -rp /sshd-staging/. /sshd/
+
+# wait for main container to set up sshd (will indicate username)
+while [ ! -e /sshd/username ]; do
+ sleep 1s
+done
+
+# start the landing page
+pushd /opt/www/
+exec node /opt/www/server.js
+
diff --git a/build/scripts/sshd.start b/build/scripts/sshd.start
index 8e152fd3ee3..c89a2220a44 100755
--- a/build/scripts/sshd.start
+++ b/build/scripts/sshd.start
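Review bot: In the new `sshd.init` the result of `cp -rp /sshd-staging/. /sshd/` is never checked and the script has no `set -e`, so if the shared volume is missing or not writable the script falls straight into `while [ ! -e /sshd/username ]` and waits forever with nothing in the log to explain why; guard it with `cp -rp /sshd-staging/. /sshd/ || { echo "sshd.init: failed to provision /sshd" >&2; exit 1; }`. `pushd /opt/www/` prints the directory stack to stdout and is never popped; `cd /opt/www/` says what is meant, and since `exec node /opt/www/server.js` already uses an absolute path the directory change only matters for files the server opens relative to its working directory, which a one-line comment should state. The `dev.sshd.Dockerfile` deletion on the same line is a plain removal and raises nothing.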
@@ -8,11 +8,30 @@
 # SPDX-License-Identifier: EPL-2.0
 #
-# https://github.com/sclorg/s2i-nodejs-container/blob/master/22/root/opt/app-root/etc/generate_container_user
 USER_ID=$(id -u)
-export LD_PRELOAD=/sshd/libeconf.so.0:/sshd/libpam.so.0:/sshd/libcrypt.so.2
+sshd_libdir=
+. /etc/os-release
+case $VERSION_ID in
+ "8"*)
+ sshd_libdir=/sshd/ubi8
+ export LD_PRELOAD=$sshd_libdir/libpam.so.0
+ ;;
+ "9"*)
+ sshd_libdir=/sshd/ubi9
+ export LD_PRELOAD=$sshd_libdir/libeconf.so.0:$sshd_libdir/libpam.so.0:$sshd_libdir/libcrypt.so.2
+ ;;
+ "10"*)
+ sshd_libdir=/sshd/ubi9
+ export LD_PRELOAD=$sshd_libdir/libeconf.so.0:$sshd_libdir/libpam.so.0:$sshd_libdir/libcrypt.so.2
+ ;;
+ *)
+ sshd_libdir=/sshd/ubi9
+ export LD_PRELOAD=$sshd_libdir/libeconf.so.0:$sshd_libdir/libpam.so.0:$sshd_libdir/libcrypt.so.2
+ ;;
+esac
+# https://github.com/sclorg/s2i-nodejs-container/blob/master/22/root/opt/app-root/etc/generate_container_user
 # Configure passwd/group files for SSHD
 # Random user must have a login shell and appropriate home folder
 if [ x"$USER_ID" != x"0" -a x"$USER_ID" != x"1001" ]; then
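Review bot: `. /etc/os-release` sources the whole file into the script's own environment, so every variable it defines (`NAME`, `ID`, `VERSION`, `HOME_URL`, and so on) is now live in the shell that later writes the user's `.profile` and execs `sshd`; read the one value that is needed instead: `VERSION_ID=$(. /etc/os-release && echo "$VERSION_ID")`. The `"9"*`, `"10"*` and `*` arms of the `case` are identical, so the three collapse into the single `*)` default, which also makes it obvious that ubi8 is the only special case. If `/etc/os-release` is absent the `.` fails but the script carries on (there is no `set -e`) with an empty `VERSION_ID` and takes the default arm; a comment such as `# missing or unknown VERSION_ID deliberately falls back to the ubi9 set` would make that intentional rather than accidental.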
@@ -22,25 +41,30 @@ if [ x"$USER_ID" != x"0" -a x"$USER_ID" != x"1001" ]; then
 # Some images (eg. UDI) may contain duplicate users with different IDs
 USER_NAME=$(grep ":$USER_ID:" /etc/passwd | cut -d: -f1)
- cat /etc/passwd | sed \
- -e "/$USER_ID/ s|/sbin/nologin|/bin/bash|" \
- -e "/$USER_ID/ s|:/:|:/var/tmp/user:|" \
- -e "/$USER_NAME:/{/:$USER_ID:/!d;}" \
- > $NSS_WRAPPER_PASSWD
+ if [ -z $USER_NAME ]; then
+ cp /etc/passwd $NSS_WRAPPER_PASSWD
+ echo "$USER_ID:x:$USER_ID:$USER_ID::/var/tmp/user:/bin/bash" >> $NSS_WRAPPER_PASSWD
+ else
+ cat /etc/passwd | sed \
+ -e "/$USER_ID/ s|/sbin/nologin|/bin/bash|" \
+ -e "/$USER_ID/ s|:/:|:/var/tmp/user:|" \
+ -e "/$USER_NAME:/{/:$USER_ID:/!d;}" \
+ > $NSS_WRAPPER_PASSWD
+ fi
 export NSS_WRAPPER_PASSWD
 export NSS_WRAPPER_GROUP
- export LD_PRELOAD=$LD_PRELOAD:/sshd/libnss_wrapper.so
+ export LD_PRELOAD=$LD_PRELOAD:$sshd_libdir/libnss_wrapper.so
 fi
-if [ $HOME = "/" ]; then
+if [ $HOME = "/" ] || [ -z $USER_NAME ]; then
 export HOME=/var/tmp/user
 mkdir -p /var/tmp/user
 fi
 # Common tools needed to set up service
 mkdir -p $HOME/bin
-cp /sshd/tar /sshd/gzip /sshd/which $HOME/bin/
+cp $sshd_libdir/tar $sshd_libdir/gzip $sshd_libdir/which $HOME/bin/
 echo 'export PATH=$PATH:$HOME/bin' >> $HOME/.profile
 # Set up environment variables injected into PID 1 (.profile & .bashrc)
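Review bot: `if [ $HOME = "/" ] || [ -z $USER_NAME ]; then` also fires for UID 0 and UID 1001, because `USER_NAME` is only assigned inside the `if [ x"$USER_ID" != x"0" -a x"$USER_ID" != x"1001" ]` block that closes at the `fi` just above it; unless `USER_NAME` is set in the three lines between that `if` and the start of this hunk, the image's own user now has `HOME` forced to `/var/tmp/user` even though its passwd entry has a real home. Track the synthesized-user case explicitly: add `NEED_TMP_HOME=1` next to the `echo "$USER_ID:x:..." >> $NSS_WRAPPER_PASSWD` line and test `if [ "$HOME" = "/" ] || [ -n "$NEED_TMP_HOME" ]; then`. Both `-z $USER_NAME` tests are unquoted; `grep ":$USER_ID:"` can match more than one line (the comment above it says duplicate users exist, and the pattern also matches the gid field), and a multi-word `USER_NAME` turns `[ -z $USER_NAME ]` into a `too many arguments` error, so write `[ -z "$USER_NAME" ]`. The synthesized entry uses `$USER_ID` as the gid; if the container's real primary gid differs (commonly 0 under arbitrary-UID runs) the nss_wrapper view disagrees with what the kernel reports, so `$(id -g)` there is probably what is meant — worth confirming against how `NSS_WRAPPER_GROUP` is populated.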
@@ -53,10 +77,10 @@ mkdir /var/tmp/ssh
 chmod 755 /var/tmp/ssh
 # Generate SSH Host keys
-/sshd/ssh-keygen -q -N "" -t dsa -f /var/tmp/ssh/ssh_host_dsa_key && \
-/sshd/ssh-keygen -q -N "" -t rsa -b 4096 -f /var/tmp/ssh/ssh_host_rsa_key && \
-/sshd/ssh-keygen -q -N "" -t ecdsa -f /var/tmp/ssh/ssh_host_ecdsa_key && \
-/sshd/ssh-keygen -q -N "" -t ed25519 -f /var/tmp/ssh/ssh_host_ed25519_key
+$sshd_libdir/ssh-keygen -q -N "" -t dsa -f /var/tmp/ssh/ssh_host_dsa_key && \
+$sshd_libdir/ssh-keygen -q -N "" -t rsa -b 4096 -f /var/tmp/ssh/ssh_host_rsa_key && \
+$sshd_libdir/ssh-keygen -q -N "" -t ecdsa -f /var/tmp/ssh/ssh_host_ecdsa_key && \
+$sshd_libdir/ssh-keygen -q -N "" -t ed25519 -f /var/tmp/ssh/ssh_host_ed25519_key
 # Ensure appropriate permissions
 chmod 600 /var/tmp/ssh/ssh_host_* /sshd/sshd_config
@@ -81,7 +105,7 @@ mkdir -p $HOME/.ssh
 if [ -f /etc/ssh/dwo_ssh_key.pub ]; then
 cp /etc/ssh/dwo_ssh_key.pub $HOME/.ssh/authorized_keys
 else
- /sshd/ssh-keygen -q -N '' -t ed25519 -f /sshd/ssh_client_ed25519_key
+ $sshd_libdir/ssh-keygen -q -N '' -t ed25519 -f /sshd/ssh_client_ed25519_key
 cp /sshd/ssh_client_ed25519_key.pub $HOME/.ssh/authorized_keys
 fi
@@ -91,5 +115,5 @@ cp /sshd/sshd_config /var/tmp/ssh/
 echo -n "$(whoami)" > /sshd/username
 # start SSHD
-exec /sshd/sshd -D -f /var/tmp/ssh/sshd_config -E /tmp/sshd.log
+exec $sshd_libdir/sshd -D -f /var/tmp/ssh/sshd_config -E /tmp/sshd.log
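Review bot: The four `ssh-keygen` calls are chained with `&& \`, so if the first one (`-t dsa`) fails, the RSA, ECDSA and Ed25519 host keys are never generated and `sshd` is then started with no host key at all; DSA is the one most likely to fail, since RHEL's default crypto policies disable it for SSH and OpenSSH builds from 9.8 onward refuse to create DSA keys unless compiled with it enabled, so the ubi9 build works today but the `"10"*` arm inherits the risk. Drop the dsa line, or run the four generators as independent statements and fail explicitly only when none of the remaining keys could be created. The `@@ -81,7 +105,7 @@` and `@@ -91,5 +115,5 @@` hunks on this line are plain `$sshd_libdir` substitutions and raise nothing new.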