diff --git a/playbooks/roles/reprepro/tasks/main.yaml b/playbooks/roles/reprepro/tasks/main.yaml
index f2b54b4617..916f6578c1 100644
--- a/playbooks/roles/reprepro/tasks/main.yaml
+++ b/playbooks/roles/reprepro/tasks/main.yaml
@@ -1,3 +1,16 @@
+- name: Install afsadmin keytab
+  shell: 'echo "{{ reprepro_keytab }}" | base64 -d > /etc/reprepro.keytab'
+  args:
+    creates: /etc/reprepro.keytab
+  no_log: True
+
+- name: Ensure permissions on reprepro keytab
+  file:
+    path: '/etc/reprepro.keytab'
+    owner: root
+    group: root
+    mode: '0400'
+
 - name: Install reprepro
   package:
     name:
diff --git a/playbooks/zuul/templates/host_vars/mirror-update01.opendev.org.yaml.j2 b/playbooks/zuul/templates/host_vars/mirror-update01.opendev.org.yaml.j2
index 4c0564c0ef..773ccab9f5 100644
--- a/playbooks/zuul/templates/host_vars/mirror-update01.opendev.org.yaml.j2
+++ b/playbooks/zuul/templates/host_vars/mirror-update01.opendev.org.yaml.j2
@@ -19,3 +19,6 @@ mirror_update_keytab_opensuse: |-
 mirror_update_keytab_yum-puppetlabs: |-
   aEkRPhZllm2F2y71Zgf3X9NjyHT7/sS8bd/vXt9oG1PKkUmpeBXprFnrxzMuKiupHwwTa09w5LuB
   blLvBOC8W5Miz1u6TkRe+/jLQurLpzYHwk3bJCJ6s3WwPKDej54TDVgrVQ==
+reprepro_keytab: |-
+  aEkRPhZllm2F2y71Zgf3X9NjyHT7/sS8bd/vXt9oG1PKkUmpeBXprFnrxzMuKiupHwwTa09w5LuB
+  blLvBOC8W5Miz1u6TkRe+/jLQurLpzYHwk3bJCJ6s3WwPKDej54TDVgrVQ==
diff --git a/testinfra/test_mirror-update.py b/testinfra/test_mirror-update.py
index 84c315e64b..893ac16973 100644
--- a/testinfra/test_mirror-update.py
+++ b/testinfra/test_mirror-update.py
@@ -46,7 +46,8 @@ def test_keytabs(host):
                    '/etc/epel.keytab',
                    '/etc/fedora.keytab',
                    '/etc/opensuse.keytab',
-                   '/etc/yum-puppetlabs.keytab']:
+                   '/etc/yum-puppetlabs.keytab',
+                   '/etc/reprepro.keytab']:
 
         f = host.file(keytab)
         assert f.exists