diff --git a/ansible/base-system/playbook.yml b/ansible/base-system/playbook.yml
index ea6b82e..e9c4570 100644
--- a/ansible/base-system/playbook.yml
+++ b/ansible/base-system/playbook.yml
@@ -3,5 +3,6 @@
   connection: local
   roles:
     - { role: packages, become: true}
+    - { role: ssh, become: true}
     - configs
 
diff --git a/ansible/base-system/roles/ssh/handlers/main.yml b/ansible/base-system/roles/ssh/handlers/main.yml
new file mode 100644
index 0000000..895ef74
--- /dev/null
+++ b/ansible/base-system/roles/ssh/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: Reload sshd
+  ansible.builtin.service:
+    name: sshd
+    state: restarted
diff --git a/ansible/base-system/roles/ssh/tasks/main.yml b/ansible/base-system/roles/ssh/tasks/main.yml
index 948e129..61aa7a4 100644
--- a/ansible/base-system/roles/ssh/tasks/main.yml
+++ b/ansible/base-system/roles/ssh/tasks/main.yml
@@ -1,18 +1,12 @@
 ---
+- name: Put authorized keys
+  template:
+    src: files/auth_keys
+    dest: /etc/ssh/auth_keys
 
- - name: Put authorized keys
-   template:
-     src: files/auth_keys
-     dest: /etc/ssh/auth_keys
-
- - name: Put sshd config
-   template:
-     src: files/sshd_config
-     dest: /etc/ssh/sshd_config
-   notify: Reload sshd
-
- - name: Reload sshd
-   ansible.builtin.service:
-     name: sshd
-     state: restarted
+- name: Put sshd config
+  template:
+    src: files/sshd_config
+    dest: /etc/ssh/sshd_config
+  notify: Reload sshd