diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..ce68c33f7e1382f03405ca9bd0a863e01b9bf750
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,2 @@
+ssh_initramfs:
+  copy_from_root: false
diff --git a/tasks/main.yml b/tasks/main.yml
index 539eaabaf7e01908ccdd64d7823cd8709ae2dd63..9dc3c4ba29ad5d2c3e78e14017c3d410b228348d 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -12,6 +12,7 @@
     group: root
 
 - name: write authorized_keys file for dropbear-initramfs
+  when: not ssh_initramfs.copy_from_root
   notify: update initramfs
   template:
     src: authorized_keys.j2
@@ -19,3 +20,14 @@
     mode: 0644
     owner: root
     group: root
+
+- name: copy authorized_keys file from root user to dropbear-initramfs
+  when: ssh_initramfs.copy_from_root
+  notify: update initramfs
+  copy:
+    src: /root/.ssh/authorized_keys
+    dest: "{{ dropbear_initramfs_path }}/authorized_keys"
+    remote_src: true
+    mode: 0644
+    owner: root
+    group: root
diff --git a/vars/main.yml b/vars/main.yml
index 25e0d8b8ecd15c9812c776cabff4cc8472eee8bb..c4383c9e2b16f6dd31a7cb0e8da26d8ff8738c47 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,2 +1,2 @@
-dropbear_initramfs_path: "{% if ansible_distribution_release == 'bullseye' %}/etc/dropbear-initramfs/{% else %}/etc/dropbear/initramfs/{% endif %}"
-dropbear_initramfs_config_path: "{{ dropbear_initramfs_path }}{% if ansible_distribution_release == 'bullseye' %}config{% else %}dropbear.conf{% endif %}"
+dropbear_initramfs_path: "{% if (ansible_distribution_release|lower) in ['buster', 'bullseye'] %}/etc/dropbear-initramfs/{% else %}/etc/dropbear/initramfs/{% endif %}"
+dropbear_initramfs_config_path: "{{ dropbear_initramfs_path }}{% if (ansible_distribution_release|lower) in ['buster', 'bullseye'] %}config{% else %}dropbear.conf{% endif %}"