diff --git a/tasks/main.yml b/tasks/main.yml
index 9bd64a6..713621b 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -62,6 +62,13 @@
 notify: Restart SSH
+- name: "Ensure ED25519 hostkey is available"
+ openssh_keypair:
+ path: /etc/ssh/ssh_host_ed25519_key
+ type: ed25519
+ when: '"ed25519" in ssh_hardening_hostkeys'
+
+
 - name: "Renew RSA hostkeys if too short"
 openssh_keypair:
 path: /etc/ssh/ssh_host_rsa_key
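Review bot: The added "Ensure ED25519 hostkey is available" task carries no `notify: Restart SSH`, although the task ending just above it does, so a host key created on this run is not offered by the already-running sshd until something else restarts it. Adding `notify: Restart SSH` to the new task closes that gap, unless a task outside this hunk already triggers the handler. The task also leaves ownership and permissions of the private key to the module's defaults; stating `owner: root`, `group: root` and `mode: "0600"` would make the expected state explicit and correct an existing key file with looser permissions (confirm against the module documentation how these apply to the `.pub` file). The preceding task and the RSA task that follows both extend beyond the hunk, so their own settings cannot be compared here.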