diff --git a/roles/base/tasks/users/rene.yml b/roles/base/tasks/users/rene.yml index 2afbd81..092b1a4 100644 --- a/roles/base/tasks/users/rene.yml +++ b/roles/base/tasks/users/rene.yml @@ -16,16 +16,24 @@ - public_keys/yubikey.pub - name: users | rene | install private ssh keys - blockinfile: - dest: "/home/rene/.ssh/{{ item.dest }}" - create: true - block: | - {{ lookup('file',item.src) }} - owner: rene - group: rene - mode: '0600' - marker_begin: "" - marker_end: "" + block: + - name: users | rene | cat block into keyfile + blockinfile: + dest: "/home/rene/.ssh/{{ item.dest }}" + state: present + create: true + block: | + {{ lookup('file',item.src) }} + owner: rene + group: rene + mode: '0600' + marker_begin: "" + marker_end: "" + - name: users | rene | remove ansible comments from keyfile + lineinfile: + path: "home/rene/.ssh/{{ item.dest }}" + state: absent + line: "# ANSIBLE MANAGED BLOCK" # not required. The line to insert/replace into the file. Required for C(state=present). If C(backrefs) is set, may contain backreferences that will get expanded with the C(regexp) capture groups if the regexp matches. loop: - {src: private_keys/gitlab_read_ed25519, dest: gitlab_read_ed25519} # - private_keys/id_dsa diff --git a/roles/base/tasks/users/root.yml b/roles/base/tasks/users/root.yml index 4a34677..ec92884 100644 --- a/roles/base/tasks/users/root.yml +++ b/roles/base/tasks/users/root.yml 
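Review bot: The added `lineinfile` task in rene.yml uses `path: "home/rene/.ssh/{{ item.dest }}"`, which lacks the leading slash that the `blockinfile` `dest` above it and the root.yml hunk both have, so the cleanup does not target the key file that was just written; it should be `path: "/home/rene/.ssh/{{ item.dest }}"`. In both hunks the unchanged `loop:` now appears to hang off a `block:` (indentation is flattened on this page, so this is inferred), and Ansible does not accept `loop` on a block, which would leave `item` undefined for the inner tasks. If the marker removal does match, a later run of `blockinfile` no longer finds its markers and presumably appends the key material a second time, which would corrupt the private key file. A single `copy` task per user with `no_log: true`, sketched below for rene and applicable to root.yml in the same way, avoids all three problems and keeps key contents out of task output; the surrounding task list continues outside the hunk.

```yaml
- name: users | rene | install private ssh keys
  copy:
    src: "{{ item.src }}"
    dest: "/home/rene/.ssh/{{ item.dest }}"
    owner: rene
    group: rene
    mode: '0600'
  no_log: true
  # … unchanged: loop: over the private key items …
```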
@@ -25,16 +25,24 @@ - public_keys/backup_ed25519.pub - name: users | root | install private ssh keys - blockinfile: - dest: "/root/.ssh/{{ item.dest }}" - create: true - block: | - {{ lookup('file',item.src) }} - owner: root - group: root - mode: '0600' - marker_begin: "" - marker_end: "" + block: + - name: users | root | cat block into keyfile + blockinfile: + dest: "/root/.ssh/{{ item.dest }}" + state: present + create: true + block: | + {{ lookup('file',item.src) }} + owner: root + group: root + mode: '0600' + marker_begin: "" + marker_end: "" + - name: users | root | remove ansible comments from keyfile + lineinfile: + path: "/root/.ssh/{{ item.dest }}" + state: absent + line: "# ANSIBLE MANAGED BLOCK" loop: - {src: private_keys/gitlab_read_ed25519, dest: gitlab_read_ed25519}