diff --git a/changelogs/fragments/65017-openssh_keypair-idempotence.yml b/changelogs/fragments/65017-openssh_keypair-idempotence.yml
new file mode 100644
index 00000000000..411b7149828
--- /dev/null
+++ b/changelogs/fragments/65017-openssh_keypair-idempotence.yml
@@ -0,0 +1,2 @@
+bugfixes:
+- "openssh_keypair - fixes idempotence issue with public key (https://github.com/ansible/ansible/issues/64969)."
diff --git a/lib/ansible/modules/crypto/openssh_keypair.py b/lib/ansible/modules/crypto/openssh_keypair.py
index 63117f91dc7..6a123f1f7c2 100644
--- a/lib/ansible/modules/crypto/openssh_keypair.py
+++ b/lib/ansible/modules/crypto/openssh_keypair.py
@@ -281,8 +281,7 @@ class Keypair(object):
             else:
                 return False
 
-        def _parse_pubkey():
-            pubkey_content = _get_pubkey_content()
+        def _parse_pubkey(pubkey_content):
             if pubkey_content:
                 parts = pubkey_content.split(' ', 2)
                 return parts[0], parts[1], '' if len(parts) <= 2 else parts[2]
@@ -290,8 +289,7 @@ class Keypair(object):
 
         def _pubkey_valid(pubkey):
             if pubkey_parts:
-                current_pubkey = ' '.join([pubkey_parts[0], pubkey_parts[1]])
-                return current_pubkey == pubkey
+                return pubkey_parts[:2] == _parse_pubkey(pubkey)[:2]
             return False
 
         def _comment_valid():
@@ -306,7 +304,7 @@ class Keypair(object):
 
         pubkey = module.run_command([module.get_bin_path('ssh-keygen', True), '-yf', self.path])
         pubkey = pubkey[1].strip('\n')
-        pubkey_parts = _parse_pubkey()
+        pubkey_parts = _parse_pubkey(_get_pubkey_content())
         if _pubkey_valid(pubkey):
             self.public_key = pubkey
 
diff --git a/test/integration/targets/openssh_keypair/tasks/main.yml b/test/integration/targets/openssh_keypair/tasks/main.yml
index 0ff369787d3..9c7dde64042 100644
--- a/test/integration/targets/openssh_keypair/tasks/main.yml
+++ b/test/integration/targets/openssh_keypair/tasks/main.yml
@@ -3,6 +3,11 @@
     path: '{{ output_dir }}/privatekey1'
   register: privatekey1_result
 
+- name: Generate privatekey1 - standard (idempotent)
+  openssh_keypair:
+    path: '{{ output_dir }}/privatekey1'
+  register: privatekey1_idem_result
+
 - name: Generate privatekey2 - size 2048
   openssh_keypair:
     path: '{{ output_dir }}/privatekey2'
diff --git a/test/integration/targets/openssh_keypair/tests/validate.yml b/test/integration/targets/openssh_keypair/tests/validate.yml
index 4d61b050aa4..6bc83d7ee08 100644
--- a/test/integration/targets/openssh_keypair/tests/validate.yml
+++ b/test/integration/targets/openssh_keypair/tests/validate.yml
@@ -38,6 +38,11 @@
     that:
       - privatekey1.stdout == '4096'
 
+- name: Validate privatekey1 idempotence
+  assert:
+    that:
+      - privatekey1_idem_result is not changed
+
 
 - name: Validate privatekey2 (test - RSA key with size 2048 bits)
   shell: "ssh-keygen -lf {{ output_dir }}/privatekey2 | grep -o -E '^[0-9]+'"