diff --git a/CHANGELOG b/CHANGELOG
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,10 @@
+### 3.39.0 - 2016-06-08
+  * Allow ecdsa-sha2-nistp256 hostkeys
+  * Add host_aliases attribute to sshkey resource
+  * Add support for PubkeyAuthentication in sshd_config
+
+### 3.38.0 - 2016-06-06
+  * Add param to manage MaxAuthTries in sshd_config
+
+### 2.0.0 - 2013-05-16 Garrett Honeycutt <code@garretthoneycutt.com>
+  * Rebirth
diff --git a/README.md b/README.md
@@ -556,6 +556,12 @@ String for HostbasedAuthentication option in sshd_config. Valid values are 'yes'
 
 - *Default*: 'no'
 
+sshd_pubkeyauthentication
+-------------------------
+String for PubkeyAuthentication option in sshd_config. Valid values are 'yes' and 'no'.
+
+- *Default*: 'yes'
+
 sshd_ignoreuserknownhosts
 -------------------------
 String for IgnoreUserKnownHosts option in sshd_config. Valid values are 'yes' and 'no'. Specifies whether sshd(8) should ignore the user's ~/.ssh/known_hosts during RhostsRSAAuthentication or HostbasedAuthentication.
@@ -624,7 +630,7 @@ Import all exported node SSH keys. Valid values are 'true' and 'false'.
 
 ssh_key_type
 ------------
-Encryption type for SSH key. Valid values are 'rsa', 'dsa', 'ssh-dss' and 'ssh-rsa'
+Encryption type for SSH key. Valid values are 'ecdsa-sha2-nistp256', 'rsa', 'dsa', 'ssh-dss' and 'ssh-rsa'
 
 - *Default*: 'ssh-rsa'
 

diff --git a/git b/git
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -81,6 +81,7 @@
   $sshd_config_hostkey                 = 'USE_DEFAULTS',
   $sshd_listen_address                 = undef,
   $sshd_hostbasedauthentication        = 'no',
+  $sshd_pubkeyauthentication           = 'yes',
   $sshd_ignoreuserknownhosts           = 'no',
   $sshd_ignorerhosts                   = 'yes',
   $manage_service                      = true,
@@ -561,6 +562,8 @@
 
   validate_re($sshd_hostbasedauthentication, '^(yes|no)$', "ssh::sshd_hostbasedauthentication may be either 'yes' or 'no' and is set to <${sshd_hostbasedauthentication}>.")
 
+  validate_re($sshd_pubkeyauthentication, '^(yes|no)$', "ssh::sshd_pubkeyauthentication may be either 'yes' or 'no' and is set to <${sshd_pubkeyauthentication}>.")
+
   validate_re($sshd_ignoreuserknownhosts, '^(yes|no)$', "ssh::sshd_ignoreuserknownhosts may be either 'yes' or 'no' and is set to <${sshd_ignoreuserknownhosts}>.")
 
   validate_re($sshd_ignorerhosts, '^(yes|no)$', "ssh::sshd_ignorerhosts may be either 'yes' or 'no' and is set to <${sshd_ignorerhosts}>.")
@@ -620,8 +623,11 @@
     'ssh-dsa','dsa': {
       $key = $::sshdsakey
     }
+    'ecdsa-sha2-nistp256': {
+          $key = $::sshecdsakey
+    }
     default: {
-      fail("ssh::ssh_key_type must be 'ssh-rsa', 'rsa', 'ssh-dsa', or 'dsa' and is <${ssh_key_type}>.")
+      fail("ssh::ssh_key_type must be 'ecdsa-sha2-nistp256', 'ssh-rsa', 'rsa', 'ssh-dsa', or 'dsa' and is <${ssh_key_type}>.")
     }
   }
 
@@ -789,9 +795,10 @@
 
   # export each node's ssh key
   @@sshkey { $::fqdn :
-    ensure => $ssh_key_ensure,
-    type   => $ssh_key_type,
-    key    => $key,
+    ensure       => $ssh_key_ensure,
+    host_aliases => [$::hostname, $::ipaddress],
+    type         => $ssh_key_type,
+    key          => $key,
   }
 
   file { 'ssh_known_hosts':

diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "ghoneycutt-ssh",
-  "version": "3.38.0",
+  "version": "3.39.0",
   "author": "ghoneycutt",
   "summary": "Manages SSH",
   "license": "Apache-2.0",

diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -4,6 +4,8 @@
 
   default_facts = {
     :fqdn                   => 'monkey.example.com',
+    :hostname               => 'monkey',
+    :ipaddress              => '127.0.0.1',
     :osfamily               => 'RedHat',
     :ssh_version            => 'OpenSSH_6.6p1',
     :ssh_version_numeric    => '6.6',
@@ -12,6 +14,8 @@
 
   default_solaris_facts = {
     :fqdn                   => 'monkey.example.com',
+    :hostname               => 'monkey',
+    :ipaddress              => '127.0.0.1',
     :osfamily               => 'Solaris',
     :ssh_version            => 'Sun_SSH_2.2',
     :ssh_version_numeric    => '2.2',
@@ -188,6 +192,8 @@
         facts.merge(
           {
             :fqdn       => 'monkey.example.com',
+            :hostname   => 'monkey',
+            :ipaddress  => '127.0.0.1',
             :sshrsakey  => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ==',
           }
         )
@@ -385,6 +391,7 @@
         :sshd_config_subsystem_sftp        => '/opt/ssh/bin/sftp',
         :sshd_kerberos_authentication      => 'no',
         :sshd_password_authentication      => 'no',
+        :sshd_pubkeyauthentication         => 'no',
         :sshd_allow_tcp_forwarding         => 'no',
         :sshd_x11_forwarding               => 'no',
         :sshd_use_pam                      => 'no',
@@ -472,6 +479,7 @@
     it { should contain_file('sshd_config').with_content(/^AuthorizedKeysCommand \/path\/to\/command$/) }
     it { should contain_file('sshd_config').with_content(/^AuthorizedKeysCommandUser asdf$/) }
     it { should contain_file('sshd_config').with_content(/^HostbasedAuthentication no$/) }
+    it { should contain_file('sshd_config').with_content(/^PubkeyAuthentication no$/) }
     it { should contain_file('sshd_config').with_content(/^IgnoreUserKnownHosts no$/) }
     it { should contain_file('sshd_config').with_content(/^IgnoreRhosts yes$/) }
     it { should contain_file('sshd_config').with_content(/^ChrootDirectory \/chrootdir$/) }
@@ -2462,6 +2470,38 @@
     end
   end
 
+  describe 'with parameter sshd_pubkeyauthentication' do
+    let :facts do
+      default_facts.merge(
+        {
+        }
+      )
+    end
+
+    ['yes','no'].each do |value|
+      context "specified as valid #{value} (as #{value.class})" do
+        let(:params) { { :sshd_pubkeyauthentication => value } }
+
+        it { should contain_file('sshd_config').with_content(/^PubkeyAuthentication #{value}$/) }
+      end
+    end
+
+    ['YES',true,2.42,['array'],a = { 'ha' => 'sh' }].each do |value|
+      context "specified as invalid value #{value} (as #{value.class})" do
+        let(:params) { { :sshd_pubkeyauthentication => value } }
+        if value.is_a?(Array)
+          value = value.join
+        end
+
+        it do
+          expect {
+            should contain_class('ssh')
+          }.to raise_error(Puppet::Error,/ssh::sshd_pubkeyauthentication may be either 'yes' or 'no' and is set to/)
+        end
+      end
+    end
+  end
+
   describe 'with parameter sshd_ignoreuserknownhosts' do
     let :facts do
       default_facts.merge(

diff --git a/spec/fixtures/sshd_config_debian b/spec/fixtures/sshd_config_debian
@@ -49,6 +49,7 @@ PermitRootLogin yes
 
 #RSAAuthentication yes
 #PubkeyAuthentication yes
+PubkeyAuthentication yes
 #AuthorizedKeysFile .ssh/authorized_keys
 
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

diff --git a/spec/fixtures/sshd_config_rhel b/spec/fixtures/sshd_config_rhel
@@ -49,6 +49,7 @@ PermitRootLogin yes
 
 #RSAAuthentication yes
 #PubkeyAuthentication yes
+PubkeyAuthentication yes
 #AuthorizedKeysFile .ssh/authorized_keys
 
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

diff --git a/spec/fixtures/sshd_config_sles_12_x86_64 b/spec/fixtures/sshd_config_sles_12_x86_64
@@ -49,6 +49,7 @@ PermitRootLogin yes
 
 #RSAAuthentication yes
 #PubkeyAuthentication yes
+PubkeyAuthentication yes
 #AuthorizedKeysFile .ssh/authorized_keys
 
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

diff --git a/spec/fixtures/sshd_config_solaris b/spec/fixtures/sshd_config_solaris
@@ -47,6 +47,7 @@ PermitRootLogin yes
 
 #RSAAuthentication yes
 #PubkeyAuthentication yes
+PubkeyAuthentication yes
 #AuthorizedKeysFile .ssh/authorized_keys
 
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

diff --git a/spec/fixtures/sshd_config_suse_i386 b/spec/fixtures/sshd_config_suse_i386
@@ -49,6 +49,7 @@ PermitRootLogin yes
 
 #RSAAuthentication yes
 #PubkeyAuthentication yes
+PubkeyAuthentication yes
 #AuthorizedKeysFile .ssh/authorized_keys
 
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

diff --git a/spec/fixtures/sshd_config_suse_x86_64 b/spec/fixtures/sshd_config_suse_x86_64
@@ -49,6 +49,7 @@ PermitRootLogin yes
 
 #RSAAuthentication yes
 #PubkeyAuthentication yes
+PubkeyAuthentication yes
 #AuthorizedKeysFile .ssh/authorized_keys
 
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

diff --git a/templates/sshd_config.erb b/templates/sshd_config.erb
@@ -68,6 +68,7 @@ MaxAuthTries <%= @sshd_config_maxauthtries %>
 
 #RSAAuthentication yes
 #PubkeyAuthentication yes
+PubkeyAuthentication <%= @sshd_pubkeyauthentication %>
 #AuthorizedKeysFile .ssh/authorized_keys
 <% if @sshd_config_authkey_location -%>
 AuthorizedKeysFile <%= @sshd_config_authkey_location %>