diff --git a/puppet/manifests/init.pp b/puppet/manifests/init.pp
index 4d2a588..c650292 100644
--- a/puppet/manifests/init.pp
+++ b/puppet/manifests/init.pp
@@ -9,6 +9,10 @@ class puppet::client {
         $puppet_server = "puppet"
     }
 
+    if ! $puppet_keylength {
+        $puppet_keylength = "2048"
+    }
+
     case $operatingsystem {
         openbsd: { $vardir = "/var/puppet" }
         default: { $vardir = "/var/lib/puppet" }
diff --git a/puppet/templates/puppet.conf.erb b/puppet/templates/puppet.conf.erb
index 3cc1c75..9b2d447 100644
--- a/puppet/templates/puppet.conf.erb
+++ b/puppet/templates/puppet.conf.erb
@@ -40,6 +40,9 @@
     pluginsignore = .svn CVS RCS
     factpath = $vardir/lib/facter
 
+    # The bit length of keys.
+    keylength = <%= puppet_keylength %>
+
 <% if puppetversion[/\d+/].to_i >= 2 -%>
 [agent]
 <% else -%>