diff --git a/manage_ssh.conf b/manage_ssh.conf
index 7958b86..00ba3d0 100644
--- a/manage_ssh.conf
+++ b/manage_ssh.conf
@@ -32,7 +32,8 @@ LOCAL_DIR="/etc/ssh_master"
 REMOTE_DIR="/etc/ssh_controls/holding"
 # name of the user account performing the SSH controls update
-# (leave blank for current user but user should have remote sudo root privs)
+# (leave blank for current user running script)
+# user should have remote sudo root privs (except when using user 'root')
 SSH_UPDATE_USER=""
 # options to pass to update_ssh.pl when executing a key update
diff --git a/manage_ssh.sh b/manage_ssh.sh
index 5229e88..c45a411 100644
--- a/manage_ssh.sh
+++ b/manage_ssh.sh
@@ -61,6 +61,8 @@
 # @(#) (VRF 1.5.0) [Patrick Van der Veken]
 # @(#) 2015-10-09: simplified handling of SSH agent handling, obsoleted
 # @(#) DO_SLAVE_SSH_AGENT option (VRF 1.5.1) [Patrick Van der Veken]
+# @(#) 2015-12-13: fix for DO_SLAVE, improved check_root_user() calls
+# @(#) (VRF 1.5.2) [Patrick Van der Veken]
 # -----------------------------------------------------------------------------
 # DO NOT CHANGE THIS FILE UNLESS YOU KNOW WHAT YOU ARE DOING!
 #******************************************************************************
@@ -74,7 +76,7 @@
 # or LOCAL_CONFIG_FILE instead
 # define the V.R.F (version/release/fix)
-MY_VRF="1.5.1"
+MY_VRF="1.5.2"
 # name of the global configuration file (script)
 GLOBAL_CONFIG_FILE="manage_ssh.conf"
 # name of the local configuration file (script)
@@ -91,6 +93,7 @@ HOST_NAME="$(hostname)"
 KEYS_FILE=""
 KEYS_DIR=""
 TARGETS_FILE=""
+DO_SLAVE=0
 FIX_CREATE=0
 CAN_DISCOVER_KEYS=0
 CAN_START_AGENT=1
@@ -1451,7 +1454,11 @@ log "runtime info: LOCAL_DIR is set to: ${LOCAL_DIR}"
 case ${ARG_ACTION} in
 1) # apply SUDO controls remotely
 log "ACTION: apply SSH controls remotely"
-check_root_user && die "must NOT be run as user 'root'"
+# check for root or non-root model
+if [[ "${SSH_UPDATE_USER}" != "root" ]]
+then
+check_root_user && die "must NOT be run as user 'root'"
+fi
 # start SSH agent (if needed)
 if (( DO_SSH_AGENT && CAN_START_AGENT ))
 then
@@ -1507,7 +1514,11 @@ case ${ARG_ACTION} in
 ;;
 2) # copy/distribute SSH controls
 log "ACTION: copy/distribute SSH controls"
-check_root_user && die "must NOT be run as user 'root'"
+# check for root or non-root model
+if [[ "${SSH_TRANSFER_USER}" != "root" ]]
+then
+check_root_user && die "must NOT be run as user 'root'"
+fi
 # start SSH agent (if needed)
 if (( DO_SSH_AGENT && CAN_START_AGENT ))
 then
@@ -1562,7 +1573,11 @@ case ${ARG_ACTION} in
 log "finished copying/distributing SSH controls"
 ;;
 3) # create key fingerprints
-check_root_user && die "must NOT be run as user 'root'"
+# check for root or non-root model
+if [[ "${SSH_UPDATE_USER}" != "root" ]]
+then
+check_root_user && die "must NOT be run as user 'root'"
+fi
 log "ACTION: create key fingerprints into ${LOCAL_DIR}/fingerprints"
 > "${LOCAL_DIR}/fingerprints"
@@ -1612,7 +1627,7 @@ case ${ARG_ACTION} in
 fi
 # check if the SSH control repo is already there
-if [[ ${FIX_CREATE} = 1 && ! -d "${FIX_DIR}" ]]
+if [[ ${FIX_CREATE} -eq 1 && ! -d "${FIX_DIR}" ]]
 then
 # create stub directories
 mkdir -p "${FIX_DIR}/holding" 2>/dev/null || \
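Review bot: The die message in the new guard still reads `must NOT be run as user 'root'`, but the rejection is now conditional on SSH_UPDATE_USER, so an operator who is root and left SSH_UPDATE_USER blank (the documented "current user" setting in the manage_ssh.conf hunk) is told root is forbidden without being told that the supported way out is setting that variable to 'root'; `die "must NOT be run as user 'root' unless SSH_UPDATE_USER is set to 'root'"` would close that gap. The same five added lines are repeated in the hunks at 1507 (keyed on SSH_TRANSFER_USER there, presumably intentionally since action 2 is the transfer), 1562 and 1698, so a small helper taking the configured user as `$1` would keep the four call sites from drifting; in the 1562 hunk the check also now runs before the `log "ACTION: …"` line whereas the other three arms log first. The case arm continues outside the hunk, and check_root_user, next to which the helper would be defined, is not part of this diff.
```shell
# abort when the invoking user is root, unless the configured remote user is 'root'
# $1: configured user (SSH_UPDATE_USER or SSH_TRANSFER_USER; blank = current user)
check_root_model()
{
    if [[ "${1}" != "root" ]]
    then
        check_root_user && die "must NOT be run as user 'root' unless the configured user is 'root'"
    fi
}

# … unchanged: case ${ARG_ACTION} in / 1) / log "ACTION: apply SSH controls remotely" …
check_root_model "${SSH_UPDATE_USER}"
# … unchanged: start SSH agent (if needed) …
```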
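Review bot: `[[ ${FIX_CREATE} -eq 1 && ! -d "${FIX_DIR}" ]]` in the 1612 hunk puts an integer comparison inside a `[[ ]]` test, while the flags in the hunks just above are tested arithmetically with `(( DO_SSH_AGENT && CAN_START_AGENT ))`; `if (( FIX_CREATE == 1 )) && [[ ! -d "${FIX_DIR}" ]]` keeps one convention for 0/1 flags. FIX_CREATE is initialised to 0 in the 91 hunk, so for the values it takes this is a point of style only. The surrounding case arm starts and ends outside the hunk.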
@@ -1698,7 +1713,11 @@ case ${ARG_ACTION} in
 ;;
 6) # fix remote directory structure/perms/ownerships
 log "ACTION: fix remote SSH controls repository"
-check_root_user && die "must NOT be run as user 'root'"
+# check for root or non-root model
+if [[ "${SSH_UPDATE_USER}" != "root" ]]
+then
+check_root_user && die "must NOT be run as user 'root'"
+fi
 # start SSH agent (if needed)
 if (( DO_SSH_AGENT && CAN_START_AGENT ))
 then
diff --git a/update_ssh.conf b/update_ssh.conf
index c47e7bf..c403fea 100644
--- a/update_ssh.conf
+++ b/update_ssh.conf
@@ -13,11 +13,11 @@ use_fqdn=1
 # target directory for allowed SSH key files
-access_dir=/etc/kudos/ssh_controls/keys.d
+access_dir=/etc/ssh_controls/keys.d
 # location of the keys blacklist file
-blacklist_file=/etc/kudos/ssh_controls/keys.blacklisted
+blacklist_file=/etc/ssh_controls/keys.blacklisted
 #******************************************************************************
 # End of FILE
-#******************************************************************************
\ No newline at end of file
+#******************************************************************************
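Review bot: The defaults for `access_dir` and `blacklist_file` move from `/etc/kudos/ssh_controls` to `/etc/ssh_controls`, which lines up with REMOTE_DIR in the manage_ssh.conf hunk, but nothing in the changelog hunk of manage_ssh.sh records it. On a host that already keeps keys.d and keys.blacklisted under the old path, whatever consumes this file (the manage_ssh.conf comments point at update_ssh.pl) will now look at a location that may not exist yet, so the change deserves a line in the config itself, e.g. `# NOTE: default moved from /etc/kudos/ssh_controls in VRF 1.5.2; relocate existing keys.d and keys.blacklisted`, plus a changelog entry. Restoring the trailing newline is fine as is.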