diff --git a/tasks/main.yml b/tasks/main.yml
index d160a68..6ba02bd 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,5 +1,10 @@
 ---
 
+- include: regenerate.yml
+  when:
+    ssh_host_key_state is defined
+    and ssh_host_key_state == 'regenerated'
+
 - include: scan.yml
   when:
     ssh_host_key_state is defined
@@ -13,5 +18,7 @@
 - include: fetch.yml
   when:
     not ssh_host_key_state is defined
+    or ( ssh_host_key_state == 'fetched'
+    and ssh_host_key_state == 'regenerated' )
 
 - include: save.yml
diff --git a/tasks/regenerate.yml b/tasks/regenerate.yml
new file mode 100644
index 0000000..dc7c7ee
--- /dev/null
+++ b/tasks/regenerate.yml
@@ -0,0 +1,8 @@
+---
+
+- name: delete ssh host keys
+  shell: rm /etc/ssh/ssh_host_*
+  register: _ssh_host_keys_delete
+
+- name: reconfigure ssh server
+  shell: dpkg-reconfigure openssh-server