diff --git a/.travis.yml b/.travis.yml
@@ -25,7 +25,8 @@ env:
     - PUPPET_GEM_VERSION="~> 4.3.0"
     - PUPPET_GEM_VERSION="~> 4.4.0"
     - PUPPET_GEM_VERSION="~> 4.5.0"
-    - PUPPET_GEM_VERSION="~> 4" STRICT_VARIABLES="yes"
+    - PUPPET_GEM_VERSION="~> 4.6.0"
+    - PUPPET_GEM_VERSION="~> 4"
 
 sudo: false
 
@@ -57,7 +58,9 @@ matrix:
     - rvm: 1.8.7
       env: PUPPET_GEM_VERSION="~> 4.5.0"
     - rvm: 1.8.7
-      env: PUPPET_GEM_VERSION="~> 4" STRICT_VARIABLES="yes"
+      env: PUPPET_GEM_VERSION="~> 4.6.0"
+    - rvm: 1.8.7
+      env: PUPPET_GEM_VERSION="~> 4"
     - rvm: 2.3.1
       env: PUPPET_GEM_VERSION="~> 3.1.0"
     - rvm: 2.3.1

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,9 @@
+### v3.44.0 - 2016-08-28
+  * Add support for TCPKeepAlive in sshd_config
+
+### v3.43.0 - 2016-08-08
+  * Add support for Ruby 2.3.1 with Puppet v4
+
 ### v3.42.0 - 2016-06-24
   * Add support for managing sshd_config options PermitUserEnvironment and
     PermitEmptyPasswords

diff --git a/Gemfile b/Gemfile
@@ -7,7 +7,7 @@ else
 end
 
 gem 'metadata-json-lint'
-gem 'puppetlabs_spec_helper', '>= 1.1.1'
+gem 'puppetlabs_spec_helper', '>= 1.2.0'
 gem 'facter', '>= 1.7.0'
 gem 'rspec-puppet'
 gem 'puppet-lint', '>= 1.0', '< 3.0'
@@ -16,24 +16,14 @@ gem 'puppet-lint-alias-check'
 gem 'puppet-lint-empty_string-check'
 gem 'puppet-lint-file_ensure-check'
 gem 'puppet-lint-file_source_rights-check'
-gem 'puppet-lint-fileserver-check'
 gem 'puppet-lint-leading_zero-check'
 gem 'puppet-lint-spaceship_operator_without_tag-check'
 gem 'puppet-lint-trailing_comma-check'
 gem 'puppet-lint-undef_in_function-check'
 gem 'puppet-lint-unquoted_string-check'
 gem 'puppet-lint-variable_contains_upcase'
 
-# rspec must be v2 for ruby 1.8.7
-if RUBY_VERSION >= '1.8.7' and RUBY_VERSION < '1.9'
-  # rake >=11 does not support ruby 1.8.7
-  gem 'rspec', '~> 2.0'
-  gem 'rake', '~> 10.0'
-end
-
-if RUBY_VERSION < '2.0'
-  # json 2.x requires ruby 2.0. Lock to 1.8
-  gem 'json', '~> 1.8'
-  # json_pure 2.0.2 requires ruby 2.0. Lock to 2.0.1
-  gem 'json_pure', '= 2.0.1'
-end
+gem 'rspec',     '~> 2.0'   if RUBY_VERSION >= '1.8.7' and RUBY_VERSION < '1.9'
+gem 'rake',      '~> 10.0'  if RUBY_VERSION >= '1.8.7' and RUBY_VERSION < '1.9'
+gem 'json',      '<= 1.8'   if RUBY_VERSION < '2.0.0'
+gem 'json_pure', '<= 2.0.1' if RUBY_VERSION < '2.0.0'
diff --git a/README.md b/README.md
@@ -32,6 +32,7 @@ only), 1.9.3, 2.0.0, 2.1.0 and 2.3.1 (Puppet v4 only).
  * SLES 12
  * Ubuntu 12.04 LTS
  * Ubuntu 14.04 LTS
+ * Ubuntu 16.04 LTS
  * Solaris 9
  * Solaris 10
  * Solaris 11

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -169,26 +169,38 @@
       }
     }
     'Debian': {
+      # Ubuntu 16.04
+      if $::operatingsystemrelease == '16.04' {
+        $default_sshd_config_hostkey             = [
+          '/etc/ssh/ssh_host_rsa_key',
+          '/etc/ssh/ssh_host_dsa_key',
+          '/etc/ssh/ssh_host_ecdsa_key',
+          '/etc/ssh/ssh_host_ed25519_key',
+        ]
+        $default_ssh_config_hash_known_hosts     = 'yes'
+        $default_sshd_config_xauth_location      = undef
+      } else {
+        $default_sshd_config_hostkey             = [ '/etc/ssh/ssh_host_rsa_key' ]
+        $default_ssh_config_hash_known_hosts     = 'no'
+        $default_sshd_config_xauth_location      = '/usr/bin/xauth'
+      }
       $default_packages                        = ['openssh-server',
                                                   'openssh-client']
       $default_service_name                    = 'ssh'
       $default_ssh_config_forward_x11_trusted  = 'yes'
-      $default_ssh_config_hash_known_hosts     = 'no'
       $default_ssh_package_source              = undef
       $default_ssh_package_adminfile           = undef
       $default_ssh_sendenv                     = true
       $default_sshd_config_subsystem_sftp      = '/usr/lib/openssh/sftp-server'
       $default_sshd_config_mode                = '0600'
       $default_sshd_config_use_dns             = 'yes'
-      $default_sshd_config_xauth_location      = '/usr/bin/xauth'
       $default_sshd_use_pam                    = 'yes'
       $default_sshd_gssapikeyexchange          = undef
       $default_sshd_pamauthenticationviakbdint = undef
       $default_sshd_gssapicleanupcredentials   = 'yes'
       $default_sshd_acceptenv                  = true
       $default_service_hasstatus               = true
       $default_sshd_config_serverkeybits       = '1024'
-      $default_sshd_config_hostkey             = [ '/etc/ssh/ssh_host_rsa_key' ]
       $default_sshd_addressfamily              = 'any'
     }
     'Solaris': {

diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "ghoneycutt-ssh",
-  "version": "3.44.0",
+  "version": "3.45.0",
   "author": "ghoneycutt",
   "summary": "Manages SSH",
   "license": "Apache-2.0",
@@ -84,7 +84,8 @@
       "operatingsystem": "Ubuntu",
       "operatingsystemrelease": [
         "12.04",
-        "14.04"
+        "14.04",
+        "16.04"
       ]
     }
   ],