diff --git a/roles/bastion-ssh-config/tasks/main.yml b/roles/bastion-ssh-config/tasks/main.yml
index d1aae5ca8..a4ea57459 100644
--- a/roles/bastion-ssh-config/tasks/main.yml
+++ b/roles/bastion-ssh-config/tasks/main.yml
@@ -16,3 +16,9 @@
 - name: create ssh bastion conf
   become: false
   template: src=ssh-bastion.conf dest="{{ playbook_dir }}/ssh-bastion.conf"
+  when: has_bastion
+
+- name: create empty bastion conf in case no bastion is used
+  become: false
+  copy: content="" dest="{{ playbook_dir }}/ssh-bastion.conf"
+  when: not has_bastion
diff --git a/roles/bastion-ssh-config/templates/ssh-bastion.conf b/roles/bastion-ssh-config/templates/ssh-bastion.conf
index 6bcc65dad..a201365b4 100644
--- a/roles/bastion-ssh-config/templates/ssh-bastion.conf
+++ b/roles/bastion-ssh-config/templates/ssh-bastion.conf
@@ -1,6 +1,4 @@
-{% if has_bastion %}
 {% set vars={'hosts': ''} %}
-{% set user='' %}
 
 {% for h in groups['all'] %}
 {% if h != 'bastion' %}
@@ -18,4 +16,3 @@ Host {{ bastion_ip }}
 Host {{ vars['hosts'] }}
   ProxyCommand ssh -W %h:%p {{ real_user }}@{{ bastion_ip }}
   StrictHostKeyChecking no
-{% endif %}
\ No newline at end of file