diff --git a/inventory/group_vars/all b/inventory/group_vars/all
index feaffeefaf..ff91e38237 100644
--- a/inventory/group_vars/all
+++ b/inventory/group_vars/all
@@ -236,6 +236,9 @@ ipa_admin_password: "{{ ipa_prod_admin_password }}"
 # Normal default sshd port is 22
 sshd_port: 22
 
+# List of names under which the host is available
+ssh_hostnames: []
+
 # assume collectd apache
 collectd_apache: true
 
diff --git a/inventory/host_vars/pkgs01.stg.phx2.fedoraproject.org b/inventory/host_vars/pkgs01.stg.phx2.fedoraproject.org
index 52bf163946..fb5332b255 100644
--- a/inventory/host_vars/pkgs01.stg.phx2.fedoraproject.org
+++ b/inventory/host_vars/pkgs01.stg.phx2.fedoraproject.org
@@ -10,5 +10,8 @@ volgroup: /dev/vg_virthost16
 vmhost: virthost16.phx2.fedoraproject.org
 datacenter: phx2
 
+ssh_hostnames:
+- pkgs.stg.fedoraproject.org
+
 # Need a eth0/eth1 install here.
 virt_install_command: "{{ virt_install_command_two_nic }}"
diff --git a/roles/base/tasks/sshcerts.yml b/roles/base/tasks/sshcerts.yml
index b30336f25a..7bf68277cf 100644
--- a/roles/base/tasks/sshcerts.yml
+++ b/roles/base/tasks/sshcerts.yml
@@ -82,8 +82,8 @@
 
 - name: Set some extra signing facts
   set_fact:
-    sign_hostnames: "{{inventory_hostname}}"
-    sign_validity: "-1h:+2w"
+    sign_hostnames: "[ '{{inventory_hostname}}' ] + ssh_hostnames | join(',')"
+    sign_validity: "-1h:+1y"
   when: env == "staging"
   tags:
   - sshd_config