I'm all for making the password reset system more secure, as long as it isn't required. I don't think the risk is substantial for isolated networks, and being forced to reconfigure every template would be a big hassle.
I do agree that SSH Key injection should also be available in the GUI. It's a standard feature in most other "cloud" orchestration suites, and as mature as the project is I don't see there being a good excuse for it not being there. I would think a decent developer could knock it out in an afternoon. I didn't know there was an existing issue open (that hasn't been touched in almost two years), so I opened another one here recently: https://issues.apache.org/jira/browse/CLOUDSTACK-7882 - This can be merged/marked as duplicate if needed, but it does need some attention.
