diff --git a/roles/MonashBioinformaticsPlatform_node_allocation/tasks/main.yml b/roles/MonashBioinformaticsPlatform_node_allocation/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..8a5bf2d56789282cc40e2bb5a47cd81f12b4a640
--- /dev/null
+++ b/roles/MonashBioinformaticsPlatform_node_allocation/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- name: Install tmux
+  apt: name=tmux state=latest
+  sudo: true
diff --git a/roles/jasons_ssh_ca/files/server_ca.pub b/roles/jasons_ssh_ca/files/server_ca.pub
new file mode 100644
index 0000000000000000000000000000000000000000..7e33e7cbf5a010dc6c9063e18d76017cddf09a39
--- /dev/null
+++ b/roles/jasons_ssh_ca/files/server_ca.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDOzj+PSIuuGMOkMK4UO01Y1d8+6jGYELM+msVDpeSCZCAYCqYzXay6QDl5IFpdlxlhWXzcsfbC8WcHy3z+jW6kP6BcqZd7+eYrZVcWeO9A+p67OcsOHw5ixhCjFlXKxX/3D4JeppQeIUswI33zw90QViAlOPsTQuvIIuNNKQhUvfTVvkljduFXNT3xjLWai+isYKWaCbfmaiQ7EQIQyX9a3RrBKcEsLbghk3UkSq/j1OlMTbIuBKfPu26slPNRQFVBjJJfkx+kFF9ArgywHDN5dX3CxGOJhC2KIBemOC5cXjUbUI15a1UReDqShhb0m4p9pTkFOexGOB17lh1/4nUuYt2xzRahNyAEz9i02eIaVkhYFjVn1OuKJ7pa44YwoGx8RmFjRp8W/i3Crbp/IqBzMCfOZmub98b0I7H9ryg+taACRga6sLqWTDrEAbj7zFmRaaOHDIvrFj5ITO4YKYwSaWKL8w19NX4VJqzO3VVHbmUxFBoK4tGDAQ39w6BfRdxdKb+FIe+MOz68k4ADKHJSf9+LCQOFEikKNkKVUNh7FjLwi5Wz7K4S5wjnrjTUiqNC5imst262UJjtTeg7wE7ngPOlpSi1Mh4pV3/tcAboiRF8ABS/P8P0chln1YbA73x45ZF/Is9XQ2XUJiUwutrcY+upRdu2p9JAeKxGrt8i7w== root@autht
diff --git a/roles/jasons_ssh_ca/handlers/main.yml b/roles/jasons_ssh_ca/handlers/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..875ea0a1df436812a61a5919059d0eb5b59e8884
--- /dev/null
+++ b/roles/jasons_ssh_ca/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: restart ssh debian
+  service: name=ssh state=restarted
+  sudo: true
+  when: ansible_os_family == "Debian"
diff --git a/roles/jasons_ssh_ca/tasks/main.yml b/roles/jasons_ssh_ca/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..4be9b14f7956c86fe584366c0df3dbd9d703fe97
--- /dev/null
+++ b/roles/jasons_ssh_ca/tasks/main.yml
@@ -0,0 +1,14 @@
+---
+- name: copy ca cert
+  copy: src=server_ca.pub dest=/etc/ssh/server_ca.pub owner=root group=root mode=644
+  sudo: true
+
+- name: edit sshd_config
+  lineinfile:
+  args: 
+    dest: /etc/ssh/sshd_config
+    line: TrustedUserCAKeys /etc/ssh/server_ca.pub
+    state: present
+  sudo: true
+  notify: restart ssh debian
+  when: ansible_os_family == "Debian"