diff --git a/roles/system/defaults/main.yaml b/roles/system/defaults/main.yaml
new file mode 100644
index 0000000..e60978c
--- /dev/null
+++ b/roles/system/defaults/main.yaml
@@ -0,0 +1,4 @@
+---
+
+system_authorized_keys:
+  - "{{ lookup('file', '~/.ssh/keys/bob.pub') }}"
diff --git a/roles/system/tasks/main.yaml b/roles/system/tasks/main.yaml
index 068c2e0..0263ec1 100644
--- a/roles/system/tasks/main.yaml
+++ b/roles/system/tasks/main.yaml
@@ -36,3 +36,12 @@
     - packages
   become: true
 
+- name: Add authorized SSH keys
+  ansible.posix.authorized_key:
+    user: marty # FIXME: don't hardoce user
+    state: present
+    key: "{{ item }}"
+  loop: "{{ system_authorized_keys }}"
+  tags:
+    - ssh
+  become: true