ci: preseed valgrind smoke host key

.github/workflows/ci.yml

@@ -59,12 +59,15 @@ jobs:
         }
         trap cleanup EXIT
 
+        ssh-keygen -q -t rsa -b 4096 -m PEM -N "" -f "$STATE_DIR/host_key"
+        chmod 600 "$STATE_DIR/host_key"
+
         TNT_RATE_LIMIT=0 valgrind --leak-check=full --error-exitcode=99 --log-file="$VALGRIND_LOG" \
           ./tnt -p "$PORT" -d "$STATE_DIR" >"$SERVER_LOG" 2>&1 &
         SERVER_PID=$!
 
         READY=0
-        for _ in $(seq 1 15); do
+        for _ in $(seq 1 60); do
           if ! kill -0 "$SERVER_PID" 2>/dev/null; then
             break
           fi

docs/CHANGELOG.md

@@ -64,6 +64,8 @@
   concurrent-session and connection-rate scenarios.
 - CI memory-leak smoke checks now use an isolated state directory, wait for
   real SSH readiness, and clean up the exact server PID instead of `pkill`.
+- CI memory-leak smoke checks now pre-generate the host key and use a longer
+  valgrind readiness window, avoiding false failures during slow startup.
 - Language parsing now tolerates surrounding whitespace and accepts the
   `english` alias, improving `TNT_LANG` and `:lang` ergonomics.
 - Refreshed the development guide's command/keybinding instructions so they