diff --git a/playbooks/local.yml b/playbooks/local.yml
index be2ecc9f..194346db 100644
--- a/playbooks/local.yml
+++ b/playbooks/local.yml
@@ -3,7 +3,7 @@
 - name: Generate the SSH private key
   shell: >
     echo -e  'n' |
-    ssh-keygen -b 2048 -C {{ SSH_keys.comment }}
+    ssh-keygen -b 4096 -C {{ SSH_keys.comment }}
     -t rsa -f {{ SSH_keys.private }} -q -N ""
   args:
     creates: "{{ SSH_keys.private }}"
diff --git a/roles/vpn/templates/openssl.cnf.j2 b/roles/vpn/templates/openssl.cnf.j2
index 9ec12b2d..5b8fcf5c 100644
--- a/roles/vpn/templates/openssl.cnf.j2
+++ b/roles/vpn/templates/openssl.cnf.j2
@@ -52,7 +52,7 @@ emailAddress		= optional
 # Easy-RSA request handling
 # We key off $DN_MODE to determine how to format the DN
 [ req ]
-default_bits		= 2048
+default_bits		= 4096
 default_keyfile 	= privkey.pem
 default_md		= sha256
 distinguished_name	= cn_only