diff --git a/README.md b/README.md
index bfd0ae03..4003b262 100644
--- a/README.md
+++ b/README.md
@@ -35,7 +35,7 @@ The easiest way to get an Algo server running is to let it set up a _new_ virtua
 macOS: `sudo easy_install pip`
- Linux (deb-based): `sudo apt-get update && sudo apt-get install python-pip build-essential libssl-dev libffi-dev python-dev -y`
+ Linux (deb-based): `sudo apt-get update && sudo apt-get install python-pip python-setuptools build-essential libssl-dev libffi-dev python-dev -y`
 Linux (rpm-based): See the [Pre-Install Documentation for RedHat/CentOS 6.x](docs/pre-install_redhat_centos_6.x.md)
diff --git a/roles/cloud-digitalocean/tasks/main.yml b/roles/cloud-digitalocean/tasks/main.yml
index b60a913e..a4002bd7 100644
--- a/roles/cloud-digitalocean/tasks/main.yml
+++ b/roles/cloud-digitalocean/tasks/main.yml
@@ -14,7 +14,19 @@
 until: ssh_keys.changed != true
 retries: 10
 delay: 1
+ rescue:
+ - name: Collect the fail error
+ digital_ocean:
+ state: absent
+ command: ssh
+ api_token: "{{ do_access_token }}"
+ name: "{{ SSH_keys.comment }}"
+ register: ssh_keys
+ ignore_errors: yes
+
+ - debug: var=ssh_keys
+
 - fail:
 msg: "Please, ensure that your API token is not read-only."
@@ -51,7 +63,7 @@
 do_access_token: "{{ do_access_token }}"
 do_droplet_id: "{{ do.droplet.id }}"
 cloud_provider: digitalocean
- ipv6_support: yes
+ ipv6_support: true
 - set_fact:
 cloud_instance_ip: "{{ do.droplet.ip_address }}"
diff --git a/roles/ssh_tunneling/tasks/main.yml b/roles/ssh_tunneling/tasks/main.yml
index ba0baf29..9ade7e33 100644
--- a/roles/ssh_tunneling/tasks/main.yml
+++ b/roles/ssh_tunneling/tasks/main.yml
@@ -31,8 +31,8 @@
 createhome: yes
 generate_ssh_key: yes
 shell: /bin/false
- ssh_key_type: rsa
- ssh_key_bits: 2048
+ ssh_key_type: ecdsa
+ ssh_key_bits: 256
 ssh_key_comment: '{{ item }}@{{ IP_subject_alt_name }}'
 ssh_key_passphrase: "{{ easyrsa_p12_export_password }}"
 state: present
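Review bot: `- debug: var=ssh_keys` in the new rescue prints the entire registered result of the `digital_ocean` call, and Ansible attaches the task's `invocation.module_args` to that result, so the token passed as `api_token` can land in the play output unless the module marks that parameter `no_log`; printing only the failure text, `- debug: var=ssh_keys.msg`, sidesteps the question. The task is named "Collect the fail error" but issues `state: absent` for the key, which reads as a deletion; if the intent is to repeat the API call so the read-only error is captured, a comment such as `# Repeat the key call only to capture the API error; a read-only token fails here as well` would make that explicit. `ignore_errors: yes` uses the truthy spelling that this same commit replaces with `true` for `ipv6_support` two hunks below, so `ignore_errors: true` keeps the file consistent. The `block` this rescue belongs to starts outside the hunk.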
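Review bot: `ssh_key_bits: 256` together with `ssh_key_type: ecdsa` selects the NIST P-256 curve, and ssh-keygen accepts only 256, 384 or 521 for ECDSA, so the two values are now coupled in a way the RSA pair was not; a comment on the `ssh_key_type` line, `# ECDSA P-256; ssh-keygen accepts only 256/384/521 bits for this type`, records the constraint for whoever next touches the bit count. `createhome: yes` and `generate_ssh_key: yes` in the same task keep the truthy spelling the commit replaces elsewhere with `true`; normalising them here keeps the role consistent. The task these parameters belong to (presumably the `user` module) starts outside the hunk.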
@@ -41,7 +41,7 @@
 - name: The authorized keys file created
 file:
- src: '/var/jail/{{ item }}/.ssh/id_rsa.pub'
+ src: '/var/jail/{{ item }}/.ssh/id_ecdsa.pub'
 dest: '/var/jail/{{ item }}/.ssh/authorized_keys'
 owner: "{{ item }}"
 group: "{{ item }}"
@@ -57,7 +57,7 @@
 template: src=known_hosts.j2 dest=/root/.ssh/{{ IP_subject_alt_name }}_known_hosts
 - name: Fetch users SSH private keys
- fetch: src='/var/jail/{{ item }}/.ssh/id_rsa' dest=configs/{{ IP_subject_alt_name }}/{{ IP_subject_alt_name }}_{{ item }}.ssh.pem flat=yes
+ fetch: src='/var/jail/{{ item }}/.ssh/id_ecdsa' dest=configs/{{ IP_subject_alt_name }}/{{ IP_subject_alt_name }}_{{ item }}.ssh.pem flat=yes
 with_items: "{{ users }}"
 - name: Change mode for SSH private keys
diff --git a/roles/vpn/tasks/iptables.yml b/roles/vpn/tasks/iptables.yml
index 0088a6d4..fc065c37 100644
--- a/roles/vpn/tasks/iptables.yml
+++ b/roles/vpn/tasks/iptables.yml
@@ -9,7 +9,7 @@
 - name: Iptables configured
 template: src="{{ item.src }}" dest="{{ item.dest }}" owner=root group=root mode=0640
- when: ipv6_support is defined and ipv6_support == "yes"
+ when: ipv6_support is defined and ipv6_support == true
 with_items:
 - { src: rules.v6.j2, dest: /etc/iptables/rules.v6 }
 notify:
diff --git a/roles/vpn/tasks/main.yml b/roles/vpn/tasks/main.yml
index dfd31eb4..9aec6045 100644
--- a/roles/vpn/tasks/main.yml
+++ b/roles/vpn/tasks/main.yml
@@ -1,6 +1,11 @@
 - name: Gather Facts
 setup:
+- name: Enable IPv6
+ set_fact:
+ ipv6_support: true
+ when: ansible_default_ipv6.gateway is defined
+
 - name: Generate password for the CA key
 shell: >
 < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-12};echo;
@@ -17,7 +22,7 @@
 when: Win10_Enabled is defined and Win10_Enabled == "Y"
 - name: Install StrongSwan
- apt: name=strongswan state=latest update_cache=yes
+ apt: name=strongswan state=latest update_cache=yes install_recommends=yes
 - name: Enforcing ipsec with apparmor
 shell: aa-enforce "{{ item }}"
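Review bot: `src: '/var/jail/{{ item }}/.ssh/id_ecdsa.pub'` hard-codes the file name that `ssh_key_type: ecdsa` in the key-generation task determines, and the fetch in the next hunk (`.ssh/id_ecdsa`) repeats it, so three lines now have to change together and a mismatch only surfaces as a missing-file failure at deploy time. Deriving all of them from one role variable (say `jail_ssh_key_type`, used as `ssh_key_type: "{{ jail_ssh_key_type }}"` in the key task and as `id_{{ jail_ssh_key_type }}.pub` / `id_{{ jail_ssh_key_type }}` here and in the fetch) keeps them in step. The same point applies to the fetch hunk at `@@ -57,7 +57,7 @@`.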
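Review bot: `ipv6_support == true` in the new `when:` matches only a real boolean, so a value supplied as a string (for example `-e ipv6_support=true` on the command line, where extra-vars arrive as strings) fails the comparison silently and the rules.v6 template is skipped without any error. `when: ipv6_support | default(false) | bool` accepts the boolean set by the provider roles and by the set_fact added in this commit as well as the string spellings, and makes the `is defined` guard unnecessary. The same comparison is introduced in the ip6tables task hunk of roles/vpn/tasks/main.yml (`@@ -46,9 +51,8 @@`).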
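Review bot: The new `Enable IPv6` task only ever sets `ipv6_support: true`, and only when `ansible_default_ipv6.gateway is defined`; it never sets false, so a provider value of true (the DigitalOcean role sets `ipv6_support: true` in this same commit) survives on a host whose facts show no IPv6 gateway and the ip6tables rules later in this file are still applied there. If the gathered fact is meant to be authoritative, `ipv6_support: "{{ ansible_default_ipv6.gateway is defined }}"` without the `when:` decides in one place (set_fact converts the templated boolean text to a real boolean, which is what the `== true` comparisons elsewhere in this commit need). The name also overstates what happens — nothing is enabled, a fact is recorded — so `- name: Detect IPv6 support` would be more accurate.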
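Review bot: `install_recommends=yes` on the strongswan `apt` call pulls in every package the strongswan packaging merely recommends, which widens what is installed and running on a host whose only job is the VPN endpoint. If one specific recommended package is what the change needs, naming it keeps the footprint explicit, e.g. `apt: name=strongswan,<needed-package> state=latest update_cache=yes` (placeholder for the actual package). If the broad form is intended, a comment on the line saying which recommended packages are relied on would tell the next reader why the apt default was overridden.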
@@ -46,9 +51,8 @@
 - name: Configure ip6tables so IPSec traffic can traverse the tunnel
 iptables: ip_version=ipv6 table=nat chain=POSTROUTING source="{{ vpn_network_ipv6 }}" jump=MASQUERADE
- when: ((security_enabled is not defined) or
- (security_enabled is defined and security_enabled != "y")) and
- ipv6_support is defined and ipv6_support == "yes"
+ when: ((security_enabled is not defined) or (security_enabled is defined and security_enabled != "y")) and
+ (ipv6_support is defined and ipv6_support == true)
 notify:
 - save iptables
diff --git a/users.yml b/users.yml
index 5958522b..48d6d0e5 100644
--- a/users.yml
+++ b/users.yml
@@ -196,11 +196,6 @@
 when: item not in users and ssh_tunneling_enabled is defined and ssh_tunneling_enabled == "y"
 with_items: "{{ valid_users.stdout_lines | default('null') }}"
- - name: SSH | Fetch users SSH private keys
- fetch: src='/var/jail/{{ item }}/.ssh/id_rsa' dest=configs/{{ IP_subject_alt_name }}_{{ item }}.ssh.pem flat=yes
- when: ssh_tunneling_enabled is defined and ssh_tunneling_enabled == "y"
- with_items: "{{ users }}"
-
 post_tasks:
 - debug:
 msg: