diff --git a/cvat/apps/git/git.py b/cvat/apps/git/git.py
index 3db8e4bc6e90..4f2769e6f4da 100644
--- a/cvat/apps/git/git.py
+++ b/cvat/apps/git/git.py
@@ -22,24 +22,6 @@
 import re
 import rq
 
-keys = subprocess.run(['ssh-add -l'], shell = True,
-    stdout = subprocess.PIPE).stdout.decode('utf-8').split('\n')
-
-if 'has no identities' in keys[0]:
-    keys_dir = '{}/keys'.format(os.getcwd())
-    ssh_dir = '{}/.ssh'.format(os.getenv('HOME'))
-    keys = os.listdir(keys_dir)
-    if not ('id_rsa' in keys and 'id_rsa.pub' in keys):
-        subprocess.run(['ssh-keygen -b 4096 -t rsa -f {}/id_rsa -q -N ""'.format(ssh_dir)], shell = True)
-        shutil.copyfile('{}/id_rsa'.format(ssh_dir), '{}/id_rsa'.format(keys_dir))
-        shutil.copyfile('{}/id_rsa.pub'.format(ssh_dir), '{}/id_rsa.pub'.format(keys_dir))
-    else:
-        shutil.copyfile('{}/id_rsa'.format(keys_dir), '{}/id_rsa'.format(ssh_dir))
-        shutil.copyfile('{}/id_rsa.pub'.format(keys_dir), '{}/id_rsa.pub'.format(ssh_dir))
-
-    subprocess.run(['ssh-add', '{}/*'.format(ssh_dir)])
-
-
 def _have_no_access_exception(ex):
     if 'Permission denied' in ex.stderr or 'Could not read from remote repository' in ex.stderr:
         keys = subprocess.run(['ssh-add -L'], shell = True,
@@ -154,11 +136,11 @@ def _update_config(self):
     def _init_host(self):
         user, host = self._parse_url()[:-1]
         check_command = 'ssh-keygen -F {} | grep "Host {} found"'.format(host, host)
-        add_command = 'ssh -o StrictHostKeyChecking=no -o ConnectTimeout=30 -q {}@{}'.format(user, host)
+        add_command = 'ssh -o StrictHostKeyChecking=no -o ConnectTimeout=30 {}@{}'.format(user, host)
         if not len(subprocess.run([check_command], shell = True, stdout = subprocess.PIPE).stdout):
-            proc = subprocess.run([add_command], shell = True, stdout = subprocess.PIPE, stderr = subprocess.PIPE)
-            stderr = proc.stderr.decode('utf-8')[:-2]
-            if proc.returncode > 1:
+            proc = subprocess.run([add_command], shell = True, stderr = subprocess.PIPE)
+            stderr = proc.stderr.decode('utf-8')
+            if proc.returncode > 1 and 'Permission denied' not in stderr:
                 raise Exception('Failed ssh connection. {}'.format(stderr))
             slogger.glob.info('Host {} has been added to known_hosts.'.format(host))
 
diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt
index 764503dcb3c0..0c00faef9ce2 100644
--- a/cvat/requirements/base.txt
+++ b/cvat/requirements/base.txt
@@ -26,3 +26,4 @@ python-logstash==0.4.6
 django-revproxy==0.9.15
 rules==2.0
 GitPython==2.1.11
+filelock==3.0.10
diff --git a/cvat/settings/base.py b/cvat/settings/base.py
index 8fb2a052edf6..b0f4c7e802c0 100644
--- a/cvat/settings/base.py
+++ b/cvat/settings/base.py
@@ -16,7 +16,11 @@
 
 import os
 import sys
+import shutil
+import subprocess
+
 from pathlib import Path
+from filelock import FileLock
 
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = str(Path(__file__).parents[2])
@@ -34,6 +38,42 @@
         f.write("SECRET_KEY = '{}'\n".format(get_random_string(50, chars)))
     from keys.secret_key import SECRET_KEY
 
+
+def generate_ssh_keys():
+    keys_dir = '{}/keys'.format(os.getcwd())
+    ssh_dir = '{}/.ssh'.format(os.getenv('HOME'))
+    pidfile = os.path.join(ssh_dir, 'ssh.pid')
+
+    try:
+        with FileLock(pidfile):
+            subprocess.run(['ssh-add', '{}/*'.format(ssh_dir)])
+            keys = subprocess.run(['ssh-add -l'], shell = True,
+                stdout = subprocess.PIPE).stdout.decode('utf-8').split('\n')
+
+            if 'has no identities' in keys[0]:
+                print('SSH keys were not found')
+                keys = os.listdir(keys_dir)
+                if not ('id_rsa' in keys and 'id_rsa.pub' in keys):
+                    print('New pair of keys are being generated')
+                    subprocess.run(['ssh-keygen -b 4096 -t rsa -f {}/id_rsa -q -N ""'.format(ssh_dir)], shell = True)
+                    shutil.copyfile('{}/id_rsa'.format(ssh_dir), '{}/id_rsa'.format(keys_dir))
+                    shutil.copymode('{}/id_rsa'.format(ssh_dir), '{}/id_rsa'.format(keys_dir))
+                    shutil.copyfile('{}/id_rsa.pub'.format(ssh_dir), '{}/id_rsa.pub'.format(keys_dir))
+                    shutil.copymode('{}/id_rsa.pub'.format(ssh_dir), '{}/id_rsa.pub'.format(keys_dir))
+                else:
+                    print('Copying them from keys volume')
+                    shutil.copyfile('{}/id_rsa'.format(keys_dir), '{}/id_rsa'.format(ssh_dir))
+                    shutil.copymode('{}/id_rsa'.format(keys_dir), '{}/id_rsa'.format(ssh_dir))
+                    shutil.copyfile('{}/id_rsa.pub'.format(keys_dir), '{}/id_rsa.pub'.format(ssh_dir))
+                    shutil.copymode('{}/id_rsa.pub'.format(keys_dir), '{}/id_rsa.pub'.format(ssh_dir))
+                subprocess.run(['ssh-add', '{}/id_rsa'.format(ssh_dir)])
+        os.remove(pidfile)
+    except:
+        return
+
+
+generate_ssh_keys()
+
 # Application definition
 JS_3RDPARTY = {}