diff --git a/playbooks/service-borg-backup.yaml b/playbooks/service-borg-backup.yaml
index f0f7f3470e..7fa6e1a244 100644
--- a/playbooks/service-borg-backup.yaml
+++ b/playbooks/service-borg-backup.yaml
@@ -1,10 +1,22 @@
-# This needs to happen in order.  Backup hosts export their username/key
-# combos which are installed onto the backup server
+# This ensures fact population so the borg-backup role, run on the
+# backup-clients, can add the public key for each backup server in
+# "borg-backup-server" to it's known_hosts.
+- hosts: "borg-backup-server:!disabled"
+  name: "Populate backup server host keys"
+  tasks:
+    - name: 'Gather minimal host facts'
+      setup:
+        gather_subset: '!all'
+
+# These two steps needs to happen in order.  Backup hosts export their
+# username/key combos in this step, then the following role uses that
+# info to authorizes these users on the backup servers.
 - hosts: "borg-backup:!disabled"
-  name: "Base: Generate borg backup users and keys"
+  name: "Generate borg backup users and keys"
   roles:
     - iptables
     - borg-backup
+
 - hosts: "borg-backup-server:!disabled"
   name: "Generate borg configuration"
   roles: