diff --git a/algo b/algo
index 4911274..cf2f1f1 100755
--- a/algo
+++ b/algo
@@ -125,11 +125,12 @@ Enter your aws_secret_key (http://docs.aws.amazon.com/general/latest/gr/managing
 Note: Make sure to use either your root key (recommended) or an IAM user with an acceptable policy attached
 [ABCD...]: " -rs aws_secret_key
 
-  read -e -p "
-Enter the local path to your SSH public key:
-: " -i "~/.ssh/id_rsa.pub" -r ssh_public_key
 
   read -p "
+Enter the local path to your SSH public key (~/.ssh/id_rsa.pub): " -r ssh_public_key
+  ssh_public_key=${ssh_public_key:-$HOME/.ssh/id_rsa.pub}
+
+read -p "
 Name the vpn server:
 [algo]: " -r aws_server_name
   aws_server_name=${aws_server_name:-algo}
@@ -176,9 +177,9 @@ gce () {
 Enter the local path to your credentials JSON file (https://support.google.com/cloud/answer/6158849?hl=en&ref_topic=6262490#serviceaccounts):
 : " -r credentials_file
 
-  read -e -p "
-Enter the local path to your SSH public key:
-: " -i "~/.ssh/id_rsa.pub" -r ssh_public_key
+  read -p "
+Enter the local path to your SSH public key (~/.ssh/id_rsa.pub): " -r ssh_public_key
+  ssh_public_key=${ssh_public_key:-$HOME/.ssh/id_rsa.pub}
 
   read -p "
 Name the vpn server:
diff --git a/roles/cloud-ec2/tasks/main.yml b/roles/cloud-ec2/tasks/main.yml
index eace8c4..e2b0a65 100644
--- a/roles/cloud-ec2/tasks/main.yml
+++ b/roles/cloud-ec2/tasks/main.yml
@@ -1,7 +1,7 @@
 - name: Locate official Ubuntu 16.04 AMI for region
   ec2_ami_find:
-    aws_access_key: "{{ aws_access_key }}"
-    aws_secret_key: "{{ aws_secret_key }}"
+    aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
+    aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
     name: "ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-*"
     owner:  099720109477
     sort: name
@@ -15,8 +15,8 @@
 
 - name: Add ssh public key
   ec2_key:
-    aws_access_key: "{{ aws_access_key }}"
-    aws_secret_key: "{{ aws_secret_key }}"
+    aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
+    aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
     name: VPNKEY
     region: "{{ region }}"
     key_material: "{{ item }}"
@@ -25,8 +25,8 @@
 
 - name: Configure EC2 security group
   ec2_group:
-    aws_access_key: "{{ aws_access_key }}"
-    aws_secret_key: "{{ aws_secret_key }}"
+    aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
+    aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
     name: vpn-secgroup
     description: Security group for VPN servers
     region: "{{ region }}"
@@ -51,8 +51,8 @@
 
 - name: Launch instance
   ec2:
-    aws_access_key: "{{ aws_access_key }}"
-    aws_secret_key: "{{ aws_secret_key }}"
+    aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
+    aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
     keypair: "VPNKEY"
     group: vpn-secgroup
     instance_type: t2.nano