diff --git a/apparmor.d/groups/ssh/ssh b/apparmor.d/groups/ssh/ssh
index 75a25771f..03236196c 100644
--- a/apparmor.d/groups/ssh/ssh
+++ b/apparmor.d/groups/ssh/ssh
@@ -36,9 +36,7 @@ profile ssh @{exec_path} {
   @{etc_ro}/ssh/sshd_config.d/{,*} r,
   /etc/machine-id r,
 
-  owner @{HOME}/@{XDG_SSH_DIR}/ r,
-  owner @{HOME}/@{XDG_SSH_DIR}/*_*{,.pub} r,
-  owner @{HOME}/@{XDG_SSH_DIR}/config r,
+  owner @{HOME}/@{XDG_SSH_DIR}/{,*} r,
   owner @{HOME}/@{XDG_SSH_DIR}/known_hosts{,.*} rwl,
   owner @{HOME}/@{XDG_SSH_DIR}/ssh_control_*_*_* wl,
 
diff --git a/apparmor.d/groups/ssh/ssh-keygen b/apparmor.d/groups/ssh/ssh-keygen
index 397ffdcd6..b55824e58 100644
--- a/apparmor.d/groups/ssh/ssh-keygen
+++ b/apparmor.d/groups/ssh/ssh-keygen
@@ -15,13 +15,13 @@ profile ssh-keygen @{exec_path} {
 
   @{exec_path} mr,
 
+  /etc/ssh/moduli rw,
   /etc/ssh/ssh_host_*_key* rw,
 
-  owner @{HOME}/@{XDG_SSH_DIR}/ w,
-  owner @{HOME}/@{XDG_SSH_DIR}/*_*{,.pub} rw,
+  owner @{HOME}/@{XDG_SSH_DIR}/{,*} rw,
 
-  /tmp/snapd@{int}/*_*{,.pub} w,
-  /tmp/snapd@{int}/*.key{,.pub} w,
+  owner /tmp/snapd@{int}/*_*{,.pub} w,
+  owner /tmp/snapd@{int}/*.key{,.pub} w,
 
   /dev/tty@{int} rw,
   /dev/ttyS@{int} rw,