diff --git a/tasks/aws_cloud.yml b/tasks/aws_cloud.yml
index 719bf5eca8..39f7347822 100644
--- a/tasks/aws_cloud.yml
+++ b/tasks/aws_cloud.yml
@@ -21,13 +21,18 @@
 - name: gather the temporary ssh host key from the new instance
   local_action: command ssh-keyscan -t rsa {{ inventory_hostname }}
   register: hostkey
+  loop:
+    - rsa
+    - ecdsa
+    - ed25519
   when: birthday is defined
 
 - name: add new ssh host key (until we can sign it)
-  local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}"
+  local_action: known_hosts path={{item.0}} key="{{ item.1.stdout }}"
                 host={{ inventory_hostname }} state=present
-  with_items:
-  - /root/.ssh/known_hosts
+  with_nested:
+    - [/root/.ssh/known_hosts]
+    - "{{ hostkey.results }}"
   when: birthday is defined
 
 # from https://github.com/praiskup/ansible-role-fix-root-ssh