diff --git a/roles/ppm/tasks/oneapp.yml b/roles/ppm/tasks/oneapp.yml
index fe89ffe..ccfa54c 100644
--- a/roles/ppm/tasks/oneapp.yml
+++ b/roles/ppm/tasks/oneapp.yml
@@ -19,6 +19,23 @@
     line: "export XDG_RUNTIME_DIR=/run/user/$(id -u)"
     regexp: ^export XDG_RUNTIME_DIR=
 
+- name: "Ensure ssh configuration directory for user {{ ppm_app.user }}"
+  ansible.builtin.file:
+    state: directory
+    mode: "0700"
+    path: "{{ ppm_app_user.home }}/.ssh"
+    owner: "{{ ppm_app_user.name }}"
+    group: "{{ ppm_app_user.group }}"
+
+- name: "Place ssh key for user {{ ppm_app.user }}"
+  ansible.builtin.copy:
+    src: "{{ ppm_app.sshkey }}"
+    mode: "0600"
+    dest: "{{ ppm_app_user.home }}/.ssh/id_rsa"
+    owner: "{{ ppm_app_user.name }}"
+    group: "{{ ppm_app_user.group }}"
+  when: ppm_app.sshkey is defined
+
 - name: "Place configuration ({{ ppm_app.user }})"
   ansible.builtin.copy:
     content: "{{ ppm_app.appconfig | dict2items | selectattr('key', 'ne', 'code') | items2dict | to_nice_yaml }}"