diff --git a/roles/setupKnownHosts/tasks/main.yml b/roles/setupKnownHosts/tasks/main.yml
index 2f520d84659457471331e582e91827694fb7bfd8..ad1ebffe3ffe2c98ef37a7aecfa739af6f06bde1 100644
--- a/roles/setupKnownHosts/tasks/main.yml
+++ b/roles/setupKnownHosts/tasks/main.yml
@@ -1,10 +1,18 @@
 - name: "Templating /etc/ssh/known_hosts"
-  template: src=known_hosts.j2 dest=/etc/ssh/known_hosts owner=root group=root mode=600
+  template: src=known_hosts.j2 dest=/etc/ssh/ssh_known_hosts owner=root group=root mode=644
   sudo: true
-  register: sshknowhost 
+  register: sshknownhost 
 
-- name: ecrypt the hosts file
-  shell: ssh-keygen -H -f /etc/ssh/known_hosts
+- name: encrypt the hosts file
+  shell: ssh-keygen -H -f /etc/ssh/ssh_known_hosts
+  sudo: true
+  when: sshknownhost.changed
+
+- name: set read permissions 
+  file: path=/etc/ssh/ssh_known_hosts owner=root group=root mode=644 state=file
+  sudo: true
+
+- name: delete ssh_known_hosts.old
+  file: path=/etc/ssh/ssh_known_hosts.old  state=absent
   sudo: true
-  when: sshknowhost.changed
 
diff --git a/roles/setupKnownHosts/templates/known_hosts.j2 b/roles/setupKnownHosts/templates/known_hosts.j2
index 326660a1d7799932062e79ce44b9bc3a560c9207..b083b5ee6e037007b984b133264405c77a9340ff 100644
--- a/roles/setupKnownHosts/templates/known_hosts.j2
+++ b/roles/setupKnownHosts/templates/known_hosts.j2
@@ -2,14 +2,22 @@
 {% for node in groups['all'] %}
 {% for interface in hostvars[node]['ansible_interfaces'] %}
 {% if interface != "lo" %}
-{% set host = {'name': node, 'ip': hostvars[node]['ansible_'+interface]['ipv4']['address'], 'rsa': hostvars[node]['ansible_ssh_host_key_rsa_public']} %}
+{% if hostvars[node]['ansible_ssh_host_key_rsa_public'] %}
+{% set host = {'name': node, 'ip': hostvars[node]['ansible_'+interface]['ipv4']['address'], 'keytype':'ssh-rsa', 'key': hostvars[node]['ansible_ssh_host_key_rsa_public']} %}
 {% if nodelist.append(host) %}
 {% endif %}
 {% endif %}
+{% if hostvars[node]['ansible_ssh_host_key_ecdsa_public'] %}
+#{% set host = {'name': node, 'ip': hostvars[node]['ansible_'+interface]['ipv4']['address'], 'keytype':'ssh-ecdsa', 'key': hostvars[node]['ansible_ssh_host_key_ecdsa_public']} %}
+{% set host = {'name': node, 'ip': hostvars[node]['ansible_'+interface]['ipv4']['address'], 'keytype':'ecdsa-sha2-nistp256', 'key': hostvars[node]['ansible_ssh_host_key_ecdsa_public']} %}
+{% if nodelist.append(host) %}
+{% endif %}
+{% endif %}
+{% endif %}
 {% endfor %}
 {% endfor %}
 
-{% for host in nodelist|unique %}
-{{ host.ip }} ssh-rsa {{ host.rsa }}
-{{ host.name }} ssh-rsa {{ host.rsa }}
+{% for host in nodelist %}
+{{ host.ip }} {{ host.keytype }} {{ host.key }}
+{{ host.name }} {{ host.keytype }} {{ host.key }}
 {% endfor %}