diff --git a/automation/molecule/postgrespro/converge.yml b/automation/molecule/postgrespro/converge.yml
index c85b83f72..29a153b4d 100644
--- a/automation/molecule/postgrespro/converge.yml
+++ b/automation/molecule/postgrespro/converge.yml
@@ -4,6 +4,68 @@
   gather_facts: true
 
   tasks:
+    - name: Update apt cache
+      become: true
+      become_method: su
+      ansible.builtin.apt:
+        update_cache: true
+        cache_valid_time: 3600
+      when: ansible_os_family == "Debian"
+
+    - name: Ensure SSH client package is installed
+      become: true
+      become_method: su
+      ansible.builtin.package:
+        name: "{{ ssh_client_package }}"
+        state: present
+      vars:
+        ssh_client_package: "{{ 'openssh-client' if ansible_os_family == 'Debian' else 'openssh-clients' }}"
+      when: ansible_distribution != "MacOSX"
+
+    - name: Get system username on control node
+      ansible.builtin.command: whoami
+      register: control_user
+      changed_when: false
+      delegate_to: localhost
+      run_once: true # noqa run-once
+
+    - name: Generate molecule SSH key on control node
+      ansible.builtin.user:
+        name: "{{ control_user.stdout }}"
+        generate_ssh_key: true
+        ssh_key_bits: 2048
+        ssh_key_file: /tmp/molecule_rsa
+      delegate_to: localhost
+      run_once: true # noqa run-once
+
+    - name: Get system username on molecule instances
+      ansible.builtin.command: whoami
+      register: instance_user
+      changed_when: false
+
+    - name: Ensure SSH directory exists on molecule instances
+      become: true
+      become_method: su
+      ansible.builtin.file:
+        path: "{{ ansible_env.HOME }}/.ssh"
+        state: directory
+        mode: '0700'
+
+    - name: Copy public SSH key to molecule instances
+      become: true
+      become_method: su
+      ansible.builtin.copy:
+        src: /tmp/molecule_rsa.pub
+        dest: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
+        owner: "{{ instance_user.stdout }}"
+        group: "{{ instance_user.stdout }}"
+        mode: '0600'
+
+    - name: Switch to SSH key-based authentication
+      ansible.builtin.set_fact:
+        ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
+        ansible_private_key_file: /tmp/molecule_rsa
+
     - name: Set variables for molecule
       ansible.builtin.set_fact:
         firewall_enable_ipv6: false # Added to prevent test failures in CI.