diff --git a/hosts/base-lxc.nix b/hosts/base-lxc.nix index ae10ef8..8f0ae25 100644 --- a/hosts/base-lxc.nix +++ b/hosts/base-lxc.nix @@ -19,7 +19,7 @@ in users = { users.root = { hashedPassword = "$6$gir1YD6tNdC9xAj0$zLr1yt/ea9PvwygjHfQVnPmeCd1.2zrAKWiN80duidwOkZF6hwm06ta6J3O9uw6F3uUHC0N7iiKYhCgXXR.Q7/"; - openssh.authorizedKeys.keys = sshKeys.infra-core; + openssh.authorizedKeys.keys = sshKeys.provisioning-machine; }; }; diff --git a/modules/utils/server-node-users.nix b/modules/utils/server-node-users.nix index e32bf95..0a9c7fb 100644 --- a/modules/utils/server-node-users.nix +++ b/modules/utils/server-node-users.nix @@ -25,7 +25,7 @@ in users.root = { hashedPassword = "!"; - openssh.authorizedKeys.keys = sshKeys.infra-core; + openssh.authorizedKeys.keys = sshKeys.provisioning-machine; }; users.pazpi = { diff --git a/secrets.nix b/secrets.nix index f68b1bf..0a1f972 100644 --- a/secrets.nix +++ b/secrets.nix @@ -39,6 +39,6 @@ in builtins.listToAttrs ( map (secretName: { name = "secrets/${secretName}.age"; - value.publicKeys = secrets."${secretName}" ++ keys.infra-core; + value.publicKeys = secrets."${secretName}" ++ keys.provisioning-machine; }) (builtins.attrNames secrets) ) diff --git a/ssh-keys.nix b/ssh-keys.nix index 9a73d28..7101283 100644 --- a/ssh-keys.nix +++ b/ssh-keys.nix 
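Review bot: Narrowing root's `openssh.authorizedKeys.keys` to `sshKeys.provisioning-machine` in hosts/base-lxc.nix leaves the password path untouched. The context line above it still sets a crypt hash for root that is committed to the repository, which exposes it to offline guessing by anyone who can read the repo. Whether sshd accepts password logins for root is not visible in this hunk. If the hash is only needed for console access, pin `services.openssh.settings.PermitRootLogin = "prohibit-password";` for this host, or lock the account with `hashedPassword = "!";` as modules/utils/server-node-users.nix does.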
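Review bot: Switching the recipient list to `keys.provisioning-machine` in secrets.nix only affects how secrets are encrypted from now on. The existing `secrets/*.age` files stay decryptable by the former `infra-core` keys (`ai`, `krzo`) until they are re-encrypted with `agenix --rekey`, and no rekeyed `.age` files are visible in this diff. The old ciphertext also remains in git history, so if dropping those keys is meant as revocation, the secret values themselves need rotating, not just rekeying. A comment above the `map`, such as `# every secret is also encrypted to the provisioning machines; run agenix --rekey after changing recipients`, would record that step.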
@@ -1,12 +1,9 @@ rec { deadbeef = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"; + colmena = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG2r9aO4pty4j2dgRIKe68DPPwdtZBEDlz54F2VBdKcg pazpi@colmena"; ai = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAm5OG80MtjLCEnibCTgW1oeVRmVYVlVwf28HZAWQZE6 ai"; - krzo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILrVYJrU6Ys2o/QYfI6Es5yqVVyjUyDYj6Fglvz63ywP krzo@pazpi.top"; - - colmena = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG2r9aO4pty4j2dgRIKe68DPPwdtZBEDlz54F2VBdKcg pazpi@colmena"; - # The key are found executing `ssh-keyscan ` machines = { arr = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICjAFjbSGaeWnImPFBEQ/PeGz7hgpLhUYgZg5Hb/JJ42"; @@ -25,14 +22,18 @@ rec { zigbee2mqtt = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINN0z+RxfAIARVMFgtF9olJrL5lt95IoC0Mtzg0MKd3g"; }; - # Machines able to provision other machines - infra-core = [ - deadbeef - ai - krzo + # Machines able to provisioning other machines + provisioning-machine = [ colmena + deadbeef ]; + # Machines able to login with other machines + infra-core = [ + ai + ] + ++ provisioning-machine; + # Machines in tailscale network tailscale-machine = [ machines.arr
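Review bot: The two group comments in the second ssh-keys.nix hunk do not say what membership in each list grants, and the first is ungrammatical (`able to provisioning`). Going by the other hunks in this commit, `provisioning-machine` now feeds root's `authorizedKeys` and the agenix recipients, so I would write `# Keys allowed to provision other machines: root SSH login and agenix secret recipients`. Where `infra-core` is still consumed is not visible here. Its comment should name the account or module it feeds, for example `# Keys allowed to log in to other machines (non-root)` if that is the intent, so that adding a key to the wrong list is easy to spot in review.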