diff --git a/pillar.example b/pillar.example
index 6f65d95..b0024d2 100644
--- a/pillar.example
+++ b/pillar.example
@@ -50,7 +50,8 @@ users:
     ssh_keys:
       privkey: PRIVATEKEY
       pubkey: PUBLICKEY
-      # you can provide multiple keys, the keyname is takes as filename
+      # you can provide multiple keys, the keyname is taken as filename
+      # make sure your public keys suffix is .pub
       foobar: PRIVATEKEY
       foobar.pub: PUBLICKEY
     # ... or you can pull them from a different pillar,
diff --git a/users/init.sls b/users/init.sls
index a1bb4a0..96d733e 100644
--- a/users/init.sls
+++ b/users/init.sls
@@ -183,7 +183,11 @@ users_{{ name }}_{{ key_name }}_key:
     - name: {{ home }}/.ssh/{{ key_name }}
     - user: {{ name }}
     - group: {{ user_group }}
+      {% if key_name.endswith(".pub") %}
+    - mode: 644
+      {% else %}
     - mode: 600
+      {% endif %}
     - show_diff: False
     - contents_pillar: users:{{ name }}:ssh_keys:{{ _key }}
     - require: