diff --git a/roles/ssh_known_hosts/templates/ssh_known_hosts.j2 b/roles/ssh_known_hosts/templates/ssh_known_hosts.j2
index d6fc971..6019166 100644
--- a/roles/ssh_known_hosts/templates/ssh_known_hosts.j2
+++ b/roles/ssh_known_hosts/templates/ssh_known_hosts.j2
@@ -1,5 +1,5 @@
-{% for host, vars in hostvars|dictsort %}
-{%   if vars["ansible_ssh_host_key_ed25519_public"] is defined %}
-{{ host }} ssh-ed25519 {{ vars["ansible_ssh_host_key_ed25519_public"] }}
-{%   endif %}
+{% set keys = lookup('fileglob', '/srv/sshca/ca/*.pub', wantlist=True) %}
+{% for key in keys %}
+{%   set data = lookup('ansible.builtin.file', key) | split() %}
+@cert-authority *.foo.sh {{ data[0:2] | join(' ') }}
 {% endfor %}