Yep. When you install openssh-server, the host keys get generated and that package gets installed during creation of the(ir) image, thus everyone has the same server keys.
Maybe they've changed things since, but I've had/read several discussions (quite a while ago) where I understood their reasoning, but didn't agree with it. Usable for noobs is a valid reason to make certain choices, just not for me (as I'm not a noob).
That's why I like that netinstaller. My rules and my choices.