diff --git a/files/fedora-cloud/fed_cloud09_nova_public_key b/files/fedora-cloud/fed_cloud09_nova_public_key
new file mode 100644
index 0000000000..4aa7d68948
--- /dev/null
+++ b/files/fedora-cloud/fed_cloud09_nova_public_key
@@ -0,0 +1 @@
+{{fed_cloud09_nova_public_key}}
diff --git a/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml b/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
index c0c99fa968..fb9c207916 100644
--- a/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
+++ b/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
@@ -231,11 +231,16 @@
   - command: packstack --answer-file=/root/packstack-controller-answers.txt
     when: packstack_sucessfully_finished.stat.exists == False
   - file: path=/etc/packstack_sucessfully_finished state=touch
+  # FIXME we should really reboot here
 
   - name: Set shell to nova user to allow cold migrations
     user: name=nova shell=/bin/bash
-
-  # FIXME we should really reboot here
+  - name: SSH authorized key for nova user
+    authorized_key: user=nova key="{{fed_cloud09_nova_public_key}}"
+  - name: SSH public key for nova user
+    template: src={{ files }}/fedora-cloud/fed_cloud09_nova_public_key dest=/var/lib/nova/.ssh/id_rsa.pub owner=nova group=nova
+  - name: Deploy private SSH key
+    copy: src={{ private }}/files/openstack/fed-cloud09-nova.key dest=/var/lib/nova/.ssh/id_rsa mode=600 owner=nova group=nova
 
   # http://docs.openstack.org/icehouse/install-guide/install/yum/content/basics-queue.html
   # https://openstack.redhat.com/Securing_services#qpid
diff --git a/roles/cloud_compute/tasks/main.yml b/roles/cloud_compute/tasks/main.yml
index 39ab69ad44..794245f07e 100644
--- a/roles/cloud_compute/tasks/main.yml
+++ b/roles/cloud_compute/tasks/main.yml
@@ -287,10 +287,12 @@
 
 - name: Set shell to nova user to allow cold migrations
   user: name=nova shell=/bin/bash
-- name: SSH public key for nova user
+- name: SSH authorized key for nova user
   authorized_key: user=nova key="{{fed_cloud09_nova_public_key}}"
+- name: SSH public key for nova user
+  template: src={{ files }}/fedora-cloud/fed_cloud09_nova_public_key dest=/var/lib/nova/.ssh/id_rsa.pub owner=nova group=nova
 - name: Deploy private SSH key
-  copy: src={{ private }}/files/openstack/fed-cloud09-nova.key dest=/var/lib/nova/.ssh/ mode=600 owner=nova group=nova
+  copy: src={{ private }}/files/openstack/fed-cloud09-nova.key dest=/var/lib/nova/.ssh/id_rsa mode=600 owner=nova group=nova
 
 # This needs to be run after controller reprovision
 - name: "restart neutron-openvswitch-agent"