diff --git a/tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/Dockerfile b/tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/Dockerfile
new file mode 100644
index 0000000000..e4db179394
--- /dev/null
+++ b/tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/Dockerfile
@@ -0,0 +1,37 @@
+# Copyright (c) 2023 Intel Corporatiion
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# We know that using latest is error prone, we're taking the risk here.
+# hadolint ignore=DL3007
+FROM alpine:latest
+
+# We don't need a specific version of those packages
+# hadolint ignore=DL3018
+RUN apk add --no-cache curl openssh-server
+
+# Download and install `cpuid`, which will be used to detect
+# whether we're the container is running on a TEE guest
+# hadolint ignore=DL3059
+RUN /bin/sh -c \
+ 'ARCH=$(uname -m) && \
+ [[ "${ARCH}" == "x86_64" ]] && \
+ curl -LO https://github.com/klauspost/cpuid/releases/download/v2.2.5/cpuid-Linux_x86_64_2.2.5.tar.gz && \
+ tar -xvzf cpuid-Linux_x86_64_2.2.5.tar.gz -C /usr/bin && \
+ rm -rf cpuid-Linux_x86_64_2.2.5.tar.gz && \
+ rm -f /usr/bin/LICENSE'
+
+# This is done just to avoid the following error starting sshd
+# `sshd: no hostkeys available -- exiting.`
+# hadolint ignore=DL3059
+RUN ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -P ""
+
+# A password needs to be set for login to work. An empty password is
+# unproblematic as password-based login to root is not allowed.
+# hadolint ignore=DL3059
+RUN passwd -d root
+
+# Generated with `ssh-keygen -t ed25519 -f unencrypted -P "" -C ""`
+COPY ssh/unencrypted.pub /root/.ssh/authorized_keys
+
+ENTRYPOINT ["/usr/sbin/sshd", "-D"]
diff --git a/tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/ssh/unencrypted b/tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/ssh/unencrypted
new file mode 100644
index 0000000000..1f75d37d6e
--- /dev/null
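Review bot: The `cpuid` tarball in the `RUN /bin/sh -c` step is fetched with `curl -LO` and unpacked straight into `/usr/bin` as root with no integrity check, so whatever the release URL serves at build time lands on the image's PATH. Pin a SHA-256 for the v2.2.5 asset and verify it before extraction, add `-f` so an HTTP error body is never handed to `tar`, and extract only the binary rather than the whole archive; the checksum below is a placeholder to fill in from the release, and the member name `cpuid` should be confirmed against the archive. The `[[ … ]] && …` chain also returns non-zero on any architecture other than x86_64, which presumably fails the build there instead of skipping the download, so an `if` block is safer. Separately, the `passwd -d root` comment relies on the sshd defaults of an unpinned base image; `ENTRYPOINT ["/usr/sbin/sshd", "-D", "-o", "PasswordAuthentication=no"]` would make that assumption explicit.

```dockerfile
# … unchanged: FROM alpine:latest, apk add curl openssh-server …
# hadolint ignore=DL3059
RUN ARCH=$(uname -m) && \
    if [ "${ARCH}" = "x86_64" ]; then \
        curl -fsSLO https://github.com/klauspost/cpuid/releases/download/v2.2.5/cpuid-Linux_x86_64_2.2.5.tar.gz && \
        echo "<SHA256_OF_CPUID_2.2.5_TARBALL>  cpuid-Linux_x86_64_2.2.5.tar.gz" | sha256sum -c - && \
        tar -xzf cpuid-Linux_x86_64_2.2.5.tar.gz -C /usr/bin cpuid && \
        rm -f cpuid-Linux_x86_64_2.2.5.tar.gz; \
    fi
# … unchanged: ssh-keygen host key, passwd -d root, COPY authorized_keys, ENTRYPOINT …
```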
+++ b/tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/ssh/unencrypted
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACD5RDTjWd8c793pKpOUGt+/D+Fa7PMVUQtSudt6R8JMYAAAAIh44GnReOBp
+0QAAAAtzc2gtZWQyNTUxOQAAACD5RDTjWd8c793pKpOUGt+/D+Fa7PMVUQtSudt6R8JMYA
+AAAEDwZtSRH/KNwmm/QCMHcif3iMQpGPOr2d12hcQqMY3KJPlENONZ3xzv3ekqk5Qa378P
+4Vrs8xVRC1K523pHwkxgAAAAAAECAwQF
+-----END OPENSSH PRIVATE KEY-----
diff --git a/tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/ssh/unencrypted.pub b/tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/ssh/unencrypted.pub
new file mode 100644
index 0000000000..ce3b9ef607
--- /dev/null
+++ b/tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/ssh/unencrypted.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPlENONZ3xzv3ekqk5Qa378P4Vrs8xVRC1K523pHwkxg
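Review bot: `ssh/unencrypted` is the private half of the key pair that the Dockerfile installs as root's `authorized_keys`, and nothing in the commit marks the pair as a throw-away test fixture. Because the private key is public in the repository, root SSH access to any container started from this image is effectively unauthenticated, so the image is only safe on an isolated test network. Say so next to the `# Generated with …` comment in the Dockerfile, for example `# TEST-ONLY key pair: the private half is committed in ssh/unencrypted; never reuse it or run this image outside CI`. If the project runs a secret scanner, allowlist this one path explicitly so the finding is acknowledged rather than suppressed wholesale.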