diff --git a/ansible/prod/files/keys/bimetri_dev1.pub b/ansible/prod/files/keys/bimetri_dev1.pub
new file mode 100644
index 0000000..9a5bebc
--- /dev/null
+++ b/ansible/prod/files/keys/bimetri_dev1.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmD75GTgifJZnJWUTjxraPDsNa+bVG+ghdvY6i1Ezrs dev1@bimetri.com
\ No newline at end of file
diff --git a/ansible/prod/files/keys/bimetri_dev2.pub b/ansible/prod/files/keys/bimetri_dev2.pub
new file mode 100644
index 0000000..330adb5
--- /dev/null
+++ b/ansible/prod/files/keys/bimetri_dev2.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIET+QM2a434/qJBtKqzrYtko/jHCI9O4PFw2Uf0RYXY+ dev2@bimetri.com
\ No newline at end of file
diff --git a/ansible/prod/files/keys/murat_ozdemir.pub b/ansible/prod/files/keys/murat_ozdemir.pub
new file mode 100644
index 0000000..5f533a3
--- /dev/null
+++ b/ansible/prod/files/keys/murat_ozdemir.pub
@@ -0,0 +1 @@
+ssh-rsa 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 murat@INSPIRON-15-3525
\ No newline at end of file
diff --git a/ansible/prod/group_vars/all/vars.yml b/ansible/prod/group_vars/all/vars.yml
index 573ecc0..91ad744 100644
--- a/ansible/prod/group_vars/all/vars.yml
+++ b/ansible/prod/group_vars/all/vars.yml
@@ -28,5 +28,8 @@ act_runner_labels: "prod-runner:docker://catthehacker/ubuntu:act-22.04,ubuntu-24
 swarm_manager_ip: "10.20.10.11"
 mongodb_replset_name: "rs0"
 admin_allowed_cidrs: "78.187.87.109/32 95.70.151.248/32 188.3.184.2/32"
-admin_ssh_public_key_path: "~/.ssh/id_rsa.pub"
+admin_ssh_public_keys:
+ - "{{ lookup('file', 'files/keys/murat_ozdemir.pub') }}"
+ - "{{ lookup('file', 'files/keys/bimetri_dev1.pub') }}"
+ - "{{ lookup('file', 'files/keys/bimetri_dev2.pub') }}"
 timezone: "Europe/Istanbul"
diff --git a/ansible/roles/hardening/tasks/main.yml b/ansible/roles/hardening/tasks/main.yml
index 33406ba..4dbe1e2 100644
--- a/ansible/roles/hardening/tasks/main.yml
+++ b/ansible/roles/hardening/tasks/main.yml
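Review bot: The three `lookup('file', 'files/keys/…')` entries under `admin_ssh_public_keys` are relative paths, and Ansible resolves a relative path in a file lookup against the playbook directory (and a role's `files/` directory when the lookup runs inside a role), not against the group_vars directory that declares the variable. If the playbooks do not live in `ansible/prod/`, the lookup errors out at the first task that references the variable rather than at parse time. Anchoring on the inventory that ships the key files removes the ambiguity, e.g. `- "{{ lookup('file', inventory_dir ~ '/files/keys/murat_ozdemir.pub') }}"` for each of the three entries. The lookup keeps each key's trailing comment, so `dev1@bimetri.com`-style comments become the only thing that identifies an entry in `authorized_keys` later; keeping them meaningful per person is what makes a later revocation unambiguous.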
@@ -73,11 +73,26 @@
 create_home: yes
 state: present
 
-- name: Add SSH key to iklim user
+- name: Allow iklim user to use sudo without password
+ ansible.builtin.copy:
+ content: "iklim ALL=(ALL) NOPASSWD:ALL"
+ dest: /etc/sudoers.d/iklim
+ mode: '0440'
+ validate: /usr/sbin/visudo -cf %s
+
+- name: Add multiple SSH keys to iklim user (for human access)
 ansible.posix.authorized_key:
 user: iklim
 state: present
- key: "{{ lookup('file', admin_ssh_public_key_path) }}"
+ key: "{{ item }}"
+ loop: "{{ admin_ssh_public_keys }}"
+
+- name: Add admin SSH keys to root as well (for emergency/bootstrap/ansible)
+ ansible.posix.authorized_key:
+ user: root
+ state: present
+ key: "{{ item }}"
+ loop: "{{ admin_ssh_public_keys }}"
 
 - name: Configure journald log limits
 ansible.builtin.lineinfile:
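Review bot: Both new `ansible.posix.authorized_key` tasks only ever add keys (`state: present` per loop item), so a key removed from `admin_ssh_public_keys` — including the controller's old `~/.ssh/id_rsa.pub` that the deleted task installed on `iklim` — stays in the `iklim` and root `authorized_keys` files indefinitely, and revocation is the half of key rotation this role now needs to own. `exclusive: true` is the module's mechanism for enforcing the list, but it is applied per loop iteration, so replace the `key`/`loop` pair in each task with `key: "{{ admin_ssh_public_keys | join('\n') }}"` and `exclusive: true` (first confirm nothing else, such as cloud-init, writes keys into root's file, since those would be removed too). The sudoers fragment `content: "iklim ALL=(ALL) NOPASSWD:ALL"` lacks a terminating newline; `visudo -cf` guards the parse, but `content: "iklim ALL=(ALL) NOPASSWD:ALL\n"` matches how sudoers fragments are conventionally written and avoids relying on the parser's tolerance. With the same key set now granting root both directly and via passwordless sudo, whether root stays key-only depends on the `PermitRootLogin` value this role sets elsewhere, which is not visible in this hunk. The `Configure journald log limits` task continues past the end of the hunk.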