diff --git a/deploy.yml b/deploy.yml
index f250242..0aa190f 100644
--- a/deploy.yml
+++ b/deploy.yml
@@ -55,6 +55,7 @@
   roles:
     - basic
     - users
+    - sshd
   vars:
     users:
       - rilla
diff --git a/roles/sshd/tasks/certs.yml b/roles/sshd/tasks/certs.yml
index 578b8c0..06c6a82 100644
--- a/roles/sshd/tasks/certs.yml
+++ b/roles/sshd/tasks/certs.yml
@@ -5,7 +5,6 @@
     dest: "/etc/ssh/ssh_host_ed25519_key-cert.pub"
     mode: '0644'
     owner: root
-    group: root
 
 - name: ssh_host_ed25519_key.pub
   copy:
@@ -13,7 +12,6 @@
     dest: "/etc/ssh/ssh_host_ed25519_key.pub"
     mode: '0644'
     owner: root
-    group: root
 
 - name: ssh_host_ed25519_key
   copy:
@@ -21,7 +19,6 @@
     dest: "/etc/ssh/ssh_host_ed25519_key"
     mode: '0600'
     owner: root
-    group: root
 
 - name: copy user_ca.pub
   copy:
@@ -29,7 +26,6 @@
     dest: "/etc/ssh/user_ca.pub"
     mode: '0644'
     owner: root
-    group: root
 
 - name: copy ssh_known_hosts
   copy:
@@ -37,4 +33,3 @@
     dest: "/etc/ssh/ssh_known_hosts"
     mode: '0644'
     owner: root
-    group: root
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
index a1aacad..d918abb 100644
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@@ -5,7 +5,6 @@
     dest: /etc/ssh/sshd_config
     mode: '0644'
     owner: root
-    group: wheel
 
 - name: setup host ssh certificates
   include_tasks: certs.yml