diff --git a/scripts/ssh-server-check.sh b/scripts/ssh-server-check.sh
index 2e59772..c0b2d60 100755
--- a/scripts/ssh-server-check.sh
+++ b/scripts/ssh-server-check.sh
@@ -33,7 +33,7 @@ check_ssh_files() {
 printf "%-17b %-20s %-6s %s\n" " $GREEN_CHECK" "$key" "$perms" "$path"
 }
- row_fail() {
+ row_missing() {
 local key="$1"
 local path="$2"
 printf "%-15b %-20s %-6s %s\n" " $YELLOW_BANG" "$key" "-" "$path (missing)"
@@ -57,28 +57,34 @@ check_ssh_files() {
 row_process() {
 local key="$1"
- local path=$(ssh_config_val "$key")
- local status=$(get_key_status "$path")
+ path=$(ssh_config_val "$key")
+ status=$(get_key_status "$path")
 case "$status" in
 success) row_success "$key" "$path" ;;
- missing) row_fail "$key" "$path" ;;
+ missing) row_missing "$key" "$path" ;;
 unconfigured) row_unconfigured "$key" ;;
 esac
 }
 printf "%-6s %-20s %-6s %s\n" "STATUS" "KEY" "PERMS" "PATH"
- # hostkey
- key="hostkey"
- row_process $key
-
- # hostcertificate
- key="hostcertificate"
- row_process $key
-
- # trustedusercakeys
- key="trustedusercakeys"
- row_process $key
+ row_process "hostkey"
+ row_process "hostcertificate"
+ row_process "trustedusercakeys"
+ case "$status" in
+ success) return ;;
+ missing)
+ # Do something if trustedusercakeys is missing
+ read -p "Create the trusted keys file? (y/n) " -n 1 -r
+ echo
+ if [[ $REPLY =~ ^[Yy]$ ]]; then
+ echo "Creating public key file at $path"
+ (step ssh config --roots > "$path")
+ echo -e "$GREEN_CHECK Created public key file for SSH user CA"
+ fi
+ ;;
+ unconfigured) return;;
+ esac
 }
 ssh_fingerprint() {
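Review bot: In the new `missing)` branch, the result of `step ssh config --roots > "$path"` is never checked, so the redirect creates the trusted user CA keys file even when `step` fails and the "Created" message prints regardless; an empty or partial trust-anchor file would then presumably look present on the next run. Write to a temporary file in the same directory, move it into place only when the command succeeded and produced output, and set the mode explicitly rather than inheriting the umask. Separately, the `case "$status"` block relies on `status` and `path` leaking out of the last `row_process` call now that `local` was dropped there, so reordering those three calls would silently point the prompt at a different file; reading the `trustedusercakeys` value into locals right before the `case` would make that dependency explicit. `check_ssh_files` begins outside this hunk, so whether it already declares those names `local` is not visible.

```shell
if [[ $REPLY =~ ^[Yy]$ ]]; then
  # … unchanged: "Creating public key file" message …
  local tmp
  # Stage the output so a failed step call never leaves an empty CA file behind.
  tmp=$(mktemp "${path}.XXXXXX") || return 1
  if step ssh config --roots > "$tmp" && [[ -s "$tmp" ]]; then
    chmod 644 "$tmp"
    mv -- "$tmp" "$path"
    echo -e "$GREEN_CHECK Created public key file for SSH user CA"
  else
    rm -f -- "$tmp"
    echo "Could not fetch SSH user CA roots; $path was not created" >&2
    return 1
  fi
fi
```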