diff --git a/tasks/admin_keys.yml b/tasks/admin_keys.yml
new file mode 100644
index 0000000000000000000000000000000000000000..301cae5ff639bb5aed2db58d0420bf33380adf41
--- /dev/null
+++ b/tasks/admin_keys.yml
@@ -0,0 +1,14 @@
+---
+# file: roles/commonkeys/tasks/admin_keys.yml
+
+- name: "Read public key of admin user"
+  shell: cat /home/{{ username }}/.ssh/id_rsa.pub
+  register: pubkey
+
+- name: "Distribute public key of admin user"
+  authorized_key:
+    user='{{ username }}'
+    key="{{ hostvars[item].pubkey.stdout }} {{ item }}"
+    path='/home/{{ username }}/.ssh/fresh_auth_keys_tunnel_{{ item }}'
+  with_items: '{{ groups.all }}'
+  when: item != "localhost" and inventory_hostname != "localhost" and hostvars[item].pubkey is defined
diff --git a/tasks/main.yml b/tasks/main.yml
index a7a3b80380d676bd6b96ba8df1e57efa39f48d26..07579245ee87e3cf9d0d5c7e4915b18a2602a624 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -14,9 +14,11 @@
       loop_var: hostname
     when: hostname != "localhost" and inventory_hostname != "localhost"
 
-  - name: "Tunnel keys"
-    include: tunnel_keys.yml
-    when: tunnel_user_name|default('systunnel') in admins
+  - name: "Admin keys"
+    include: admin_keys.yml
+    loop_control:
+      loop_var: username
+    with_items: '{{ admins }}'
     tags: 'Keys'
 
   - name: "User keys"
diff --git a/tasks/tunnel_keys.yml b/tasks/tunnel_keys.yml
deleted file mode 100644
index 2e8a525450f7ed0fb862556a4c2a6b7ed5625c93..0000000000000000000000000000000000000000
--- a/tasks/tunnel_keys.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-# file: roles/commonkeys/tasks/tunnel_keys.yml
-
-- name: "Read public key of tunnel user"
-  shell: cat /home/{{ tunnel_user_name }}/.ssh/id_rsa.pub
-  register: pubkey
-
-- name: "Distribute public key of tunnel user"
-  authorized_key:
-    user='{{ tunnel_user_name }}'
-    key="{{ hostvars[item].pubkey.stdout }} {{ item }}"
-    path='/home/{{ tunnel_user_name }}/.ssh/fresh_auth_keys_tunnel_{{ item }}'
-  with_items: '{{ groups.all }}'
-  when: item != "localhost" and inventory_hostname != "localhost" and hostvars[item].pubkey is defined