diff --git a/README.md b/README.md
index 578ea8f..d2bcdd1 100644
--- a/README.md
+++ b/README.md
@@ -16,6 +16,7 @@ Defaults:
 - `ssh_hardening_hostkeys_all`: `dsa`, `ecdsa`, `rsa`, `ed25519`
 - `ssh_hardening_moduli`: `/etc/ssh/moduli`
 - `ssh_hardening_moduli_backup`: `/etc/ssh/moduli.not-hardened`
+- `ssh_hardening_root_group`: `root`
 - `ssh_hardening_service_name`: `sshd`
 - `ssh_hardening_sshd_config`: `/etc/ssh/sshd_config`
@@ -23,7 +24,10 @@ Included via `vars/ssh_*`:
 - `ssh_hardening_opts`: Parameter/Values to set for specific SSH version
 Included via `vars/os_*`:
+- `ssh_hardening_moduli`
+- `ssh_hardening_moduli_backup`
 - `ssh_hardening_service_name`
+- `ssh_hardening_root_group`
 Command line variables (undefined):
 - `ssh_hardening_force`: version/id to include, overwrites detected version!
diff --git a/defaults/main.yml b/defaults/main.yml
index 844a468..8f20905 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -12,6 +12,8 @@ ssh_hardening_hostkeys_all:
 ssh_hardening_moduli: /etc/ssh/moduli
 ssh_hardening_moduli_backup: /etc/ssh/moduli.not-hardened
+ssh_hardening_root_group: root
+
 ssh_hardening_service_name: sshd
 ssh_hardening_sshd_config: /etc/ssh/sshd_config
diff --git a/tasks/main.yml b/tasks/main.yml
index 8ac0771..9bd64a6 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -2,11 +2,11 @@
 - name: Set some variables
   set_fact:
     ssh_hardening_backup_suffix: "42.{{ ansible_date_time.date }}@{{ ansible_date_time.time }}~"
-    ssh_hardening_distri: "{{ (ansible_distribution|lower).split(' ')[0] }}-{{ ansible_distribution_major_version }}"
+    ssh_hardening_distri: "{{ (ansible_distribution|lower).split(' ')[0] }}-{{ ansible_distribution_major_version|default(ansible_distribution_version) }}"
 - name: Get SSH version number
-  shell: 'ssh -V 2>&1 | grep -o "OpenSSH_[0-9]\+\.[0-9]" | grep -o "[0-9]\+\.[0-9]"'
+  shell: 'ssh -V 2>&1 | grep -Eo "OpenSSH_[0-9]+\.[0-9]+" | grep -Eo "[0-9]+\.[0-9]+"'
   changed_when: False
   register: ssh_hardening_version
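Review bot: The `|default(ansible_distribution_version)` fallback on the new `ssh_hardening_distri` line only fires when `ansible_distribution_major_version` is undefined; if a platform reports it as an empty string (or the `NA` placeholder some fact collectors use), the composed id still ends up as something like `openbsd-` or `openbsd-NA`, and whatever `vars/os_*` lookup consumes it (not visible in this hunk) will silently miss. Passing the filter's second argument makes the fallback also cover empty values: `{{ ansible_distribution_major_version|default(ansible_distribution_version, true) }}`; a literal `NA` would still need an explicit test, so it is worth checking what the OpenBSD facts actually return. The `set_fact` task itself is complete in the hunk but the surrounding task list continues outside it.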
@@ -39,7 +39,7 @@
     dest: "{{ ssh_hardening_sshd_config }}.{{ ssh_hardening_backup_suffix }}"
     remote_src: yes
     owner: root
-    group: root
+    group: "{{ ssh_hardening_root_group }}"
     mode: 0600
 ####################
diff --git a/tasks/moduli.yml b/tasks/moduli.yml
index 197c0b9..bd900a1 100644
--- a/tasks/moduli.yml
+++ b/tasks/moduli.yml
@@ -11,13 +11,13 @@
 - name: 'Moduli: Check for small Diffie-Hellman moduli'
-  shell: "grep -c ' 1535 \\| 2047 ' /etc/ssh/moduli || true"
+  shell: "grep -Ec ' 1535 | 2047 ' {{ ssh_hardening_moduli }} || true"
   changed_when: False
   register: ssh_hardening_moduli_small
 - name: 'Moduli: Remove small Diffie-Hellman moduli'
-  shell: "TMPF=$(mktemp) && awk '$5 >= 3071' /etc/ssh/moduli >${TMPF} && mv ${TMPF} /etc/ssh/moduli"
+  shell: "TMPF=$(mktemp) && awk '$5 >= 3071' {{ ssh_hardening_moduli }} >${TMPF} && mv ${TMPF} {{ ssh_hardening_moduli }}"
   when: ssh_hardening_moduli_small.stdout|int > 0
diff --git a/vars/os_openbsd.yml b/vars/os_openbsd.yml
new file mode 100644
index 0000000..8a87057
--- /dev/null
+++ b/vars/os_openbsd.yml
@@ -0,0 +1,6 @@
+---
+ssh_hardening_root_group: wheel
+
+ssh_hardening_moduli: /etc/moduli
+ssh_hardening_moduli_backup: /etc/moduli.not-hardened
+
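Review bot: The `mode: 0600` directly below the new `group:` line is an unquoted leading-zero scalar, which YAML parsers hand to Ansible as the integer 384; Ansible does interpret leading-zero integers as octal, so this happens to work, but it is the form Ansible's own file-mode guidance tells you to quote, and a future edit that drops the zero would silently produce the wrong permissions on the sshd_config backup. While this ownership block is being touched, `mode: "0600"` removes the ambiguity, and `remote_src: yes` on the same task would be clearer as `remote_src: true`. The task these arguments belong to (presumably a `copy`, given `remote_src`) starts outside the hunk.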
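Review bot: The rewritten removal command in `Moduli: Remove small Diffie-Hellman moduli` still replaces `{{ ssh_hardening_moduli }}` with the file produced by `mktemp`, which is created with mode 0600 and owned by whichever account runs the task, so after the `mv` the moduli file loses its previous (normally world-readable) mode and, if the task is not run as root, its root ownership as well. The removed line had the same behaviour, but now that the path is parameterised and `ssh_hardening_root_group` exists it is the moment to restore the attributes, for example with a following `file:` task setting `owner: root`, `group: "{{ ssh_hardening_root_group }}"` and `mode: "0644"`, or by appending the equivalent `chmod`/`chown` to the same command. Quoting `"${TMPF}"` in both places would also be tidier, although `mktemp` paths contain no whitespace. The preceding context lines of this hunk are collapsed in this view, so the first task's start may lie outside it.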
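Review bot: The new `vars/os_openbsd.yml` has no comment saying why these three values diverge from the defaults in `defaults/main.yml`, which the next reader will want before trusting them. A header after `---` such as `# OpenBSD: root's primary group is wheel and OpenSSH's moduli file lives at /etc/moduli, not /etc/ssh/moduli` would carry that. The file also appears to end with an extra empty line (the final `+` line of the hunk), which yamllint's empty-lines rule flags; drop it so the file ends with a single newline.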