diff --git a/bundles/backup-server/metadata.py b/bundles/backup-server/metadata.py index ceb87bb..f5202d5 100644 --- a/bundles/backup-server/metadata.py +++ b/bundles/backup-server/metadata.py @@ -1,3 +1,5 @@ +from ipaddress import ip_interface + defaults = { 'users': { 'backup-receiver': { @@ -7,6 +9,24 @@ defaults = { } +@metadata_reactor.provides( + 'dns' +) +def dns(metadata): + records = {} + + if metadata.get('network/ipv4', None): + records['A'] = [str(ip_interface(metadata.get('network/ipv4')).ip)] + if metadata.get('network/ipv6', None): + records['AAAA'] = [str(ip_interface(metadata.get('network/ipv6')).ip)] + + return { + 'dns': { + metadata.get('backup-server/hostname'): records, + }, + } + + @metadata_reactor.provides( 'users/backup-receiver/authorized_keys' ) @@ -15,7 +35,7 @@ def backup_authorized_keys(metadata): 'users': { 'backup-receiver': { 'authorized_keys': [ - other_node.metadata.get('users/backup/pubkey') + other_node.metadata.get('users/root/pubkey') for other_node in repo.nodes if other_node.has_bundle('backup') and other_node.metadata.get('backup/server') == node.name diff --git a/bundles/backup/items.py b/bundles/backup/items.py index 77d06af..1f81c47 100644 --- a/bundles/backup/items.py +++ b/bundles/backup/items.py @@ -5,7 +5,7 @@ directories['/etc/backup'] = {} files['/etc/backup/config.json'] = { 'content': dumps( { - 'server': node.metadata.get('backup/server'), + 'server_hostname': repo.get_node(node.metadata.get('backup/server')).metadata.get('backup-server/hostname'), 'paths': sorted(set(node.metadata.get('backup/paths'))), }, indent=4, diff --git a/bundles/backup/metadata.py b/bundles/backup/metadata.py index a525f7a..5002518 100644 --- a/bundles/backup/metadata.py +++ b/bundles/backup/metadata.py @@ -8,7 +8,4 @@ defaults = { 'server': None, 'paths': [], }, - 'users': { - 'backup': {}, - }, } diff --git a/bundles/users/metadata.py b/bundles/users/metadata.py index 9c5e2b2..bc392eb 100644 --- a/bundles/users/metadata.py 
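Review bot: The new `dns` reactor in bundles/backup-server/metadata.py uses `metadata.get('backup-server/hostname')` as a dictionary key with no default and no matching entry in `defaults`, so a node that carries this bundle without a hostname has nothing sensible to publish. Adding `'backup-server': {'hostname': None}` to `defaults` and returning early with `if not metadata.get('backup-server/hostname'): return {}` would make that case explicit. The same early return would cover the case where neither `network/ipv4` nor `network/ipv6` is set, where the reactor currently emits the hostname with an empty record set. The A record is taken straight from the interface address, which for the node in this diff is `10.0.0.5/24`. If the zone is served publicly, that publishes an internal address, so a short docstring stating which zone or view these records are meant for would help.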
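Review bot: The `authorized_keys` list for `backup-receiver` now holds each client's `users/root/pubkey`, so the general-purpose root identity of every backup client becomes a login credential on the backup server, and nothing visible in this hunk restricts what those keys may do there. If the authorized_keys handling in this repo supports key options, each entry should be limited to the backup transfer, for example with a forced command or `restrict`. At minimum, a comment such as `# clients run the backup job as root, so root's key is the one authorised here` would record why the dedicated `backup` user was dropped. `other_node.metadata.get('users/root/pubkey')` also has no default, and the `users/backup` default removed in bundles/backup/metadata.py is not replaced by a `users/root` one, so this presumably relies on another bundle declaring root. The comprehension and the reactor body continue outside the hunk.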
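Review bot: `repo.get_node(node.metadata.get('backup/server'))` in the `config.json` content is evaluated even when `backup/server` is still at its default, which bundles/backup/metadata.py shows to be `None`, so a client without a configured server fails inside the node lookup instead of with a clear message. A guard ahead of the `files[...]` entry, e.g. `if not node.metadata.get('backup/server'): raise ValueError(f'{node.name}: backup/server is not set')`, would state the requirement. The key is also renamed from `server` to `server_hostname`. Whatever reads /etc/backup/config.json is not part of this diff and needs the same rename. The `files['/etc/backup/config.json']` entry continues past the end of the hunk.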
+++ b/bundles/users/metadata.py @@ -32,7 +32,7 @@ def user(metadata): if not 'privkey' in users[name] and not 'pubkey' in users[name]: privkey, pubkey = repo.libs.ssh.generate_ad25519_key_pair( - b64decode(str(repo.vault.random_bytes_as_base64_for(metadata.get('id'), length=32))) + b64decode(str(repo.vault.random_bytes_as_base64_for(f"{name}@{metadata.get('id')}", length=32))) ) users[name]['keytype'] = 'ed25519' users[name]['privkey'] = privkey diff --git a/libs/ssh.py b/libs/ssh.py index 2f59072..a920d62 100644 --- a/libs/ssh.py +++ b/libs/ssh.py @@ -18,7 +18,7 @@ def generate_ad25519_key_pair(secret): '-----BEGIN OPENSSH PRIVATE KEY-----', b64encode(deterministic_bytes).decode(), '-----END OPENSSH PRIVATE KEY-----', - ]) + ]) + '\n' public_key = privkey_bytes.public_key().public_bytes( encoding=serialization.Encoding.OpenSSH, diff --git a/nodes/home.backups.py b/nodes/home.backups.py index 16a2e84..c52b4f2 100644 --- a/nodes/home.backups.py +++ b/nodes/home.backups.py @@ -9,6 +9,9 @@ ], 'metadata': { 'id': '9cf52515-63a1-4659-a8ec-6c3c881727e5', + 'backup-server': { + 'hostname': 'backups.sublimity.de', + }, 'network': { 'interface': 'enp1s0', 'ipv4': '10.0.0.5/24',
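Review bot: The new seed identifier `f"{name}@{metadata.get('id')}"` changes the derived ed25519 key pair for every account that was previously seeded from the node id alone, and nothing at the call site says so. Public keys that were copied outside this repo (for example into authorized_keys files it does not manage) will stop matching after the next apply. A comment above the call would record the contract, e.g. `# seed is per user and per node; changing this identifier rotates every derived key pair`. The `user` reactor body starts and ends outside the hunk.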