diff --git a/etc/kayobe/ansible/cis.yml b/etc/kayobe/ansible/cis.yml index f35906344..fada43731 100644 --- a/etc/kayobe/ansible/cis.yml +++ b/etc/kayobe/ansible/cis.yml @@ -6,12 +6,19 @@ tasks: # TODO: Remove this when Red Hat FIPS policy has been updated to allow ed25519 keys. # https://gitlab.com/gitlab-org/gitlab/-/issues/367429#note_1840422075 - - name: Assert that we are using a supported SSH key - assert: - that: - - ssh_key_type != 'ed25519' - fail_msg: FIPS policy does not currently support ed25519 SSH keys on RHEL family systems - when: ansible_facts.os_family == 'RedHat' + - when: ansible_facts.os_family == 'RedHat' + block: + - name: Check type of key using the file command + raw: file {{ ssh_private_key_path }} + delegate_to: localhost + changed_when: false + register: ssh_key_check + + - name: Assert that we are using a supported SSH key + assert: + that: + - ssh_key_check.stdout | regex_search('ed25519', ignorecase=true) + fail_msg: FIPS policy does not currently support ed25519 SSH keys on RHEL family systems - name: Ensure the cron package is installed on ubuntu package:
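Review bot: The new assertion is inverted — `ssh_key_check.stdout | regex_search('ed25519', ignorecase=true)` is truthy exactly when `file` reports an ed25519 key, so the task now fails for every supported key type and passes for the one the fail_msg forbids; the condition should read `- not (ssh_key_check.stdout | regex_search('ed25519', ignorecase=true))`. The probe `raw: file {{ ssh_private_key_path }}` also interpolates an unquoted path into a local shell command, and depending on the libmagic version `file` may print only "OpenSSH private key" without naming the algorithm, which would make even a corrected check pass silently; `command: ssh-keygen -l -f {{ ssh_private_key_path | quote }}` (still `delegate_to: localhost`, `changed_when: false`) reports the key algorithm reliably and quotes the path. It would also help to fail the probe explicitly (e.g. `failed_when: ssh_key_check.rc != 0`) so a missing or unreadable key file yields a clear error rather than an assert on empty output. The enclosing `tasks` list continues outside the hunk.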