diff --git a/pillar.example b/pillar.example
index 1dc0c6c..4526573 100644
--- a/pillar.example
+++ b/pillar.example
@@ -44,6 +44,17 @@ users:
 # than inline in pillar, this works.
 ssh_auth_sources:
 - salt://keys/buser.id_rsa.pub
+ # Manage the ~/.ssh/config file
+ ssh_config:
+ all:
+ hostname: "*"
+ options:
+ - "StrictHostKeyChecking no"
+ - "UserKnownHostsFile=/dev/null"
+ importanthost:
+ hostname: "needcheck.example.com"
+ options:
+ - "StrictHostKeyChecking yes"
 google_auth:
 ssh: |
diff --git a/users/init.sls b/users/init.sls
index 9326b26..2b740b5 100644
--- a/users/init.sls
+++ b/users/init.sls
@@ -208,6 +208,24 @@ users_ssh_auth_delete_{{ name }}_{{ loop.index0 }}:
 {% endfor %}
 {% endif %}
+{% if 'ssh_config' in user %}
+users_ssh_config_{{ name }}:
+ file.managed:
+ - name: {{ home }}/.ssh/config
+ - user: {{ name }}
+ - group: {{ user_group }}
+ - mode: 640
+ - contents: |
+ # Managed by Saltstack
+ {% for label, setting in user.ssh_config.items() %}
+ # {{ label }}
+ Host {{ setting.get('hostname') }}
+ {%- for opts in setting.get('options') %}
+ {{ opts }}
+ {%- endfor %}
+ {% endfor -%}
+{% endif %}
+
 {% if 'sudouser' in user and user['sudouser'] %}
 users_sudoer-{{ name }}:
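Review bot: The example puts `"StrictHostKeyChecking no"` and `"UserKnownHostsFile=/dev/null"` under `hostname: "*"`, which switches off host-key verification for every connection the user makes and removes the protection against a man-in-the-middle on the SSH session if the example is copied as is. ssh_config keeps the first value it obtains for each option, so the `importanthost` entry's `"StrictHostKeyChecking yes"` only takes effect if that block is written before the `Host *` block; here it is listed after it, and the template in users/init.sls appears to emit entries in iteration order. I would list the specific host first and make the wildcard the last entry with a safer default such as `- "StrictHostKeyChecking accept-new"`, plus a comment like `# Host blocks are matched in order; put specific hosts before "*"`.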
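Review bot: `setting.get('options')` yields None when an entry has no `options` key, so the inner `for` fails at render time, and a missing `hostname` is written out literally as `Host None`; use `{%- for opts in setting.get('options', []) %}` and skip or reject entries without a hostname. The order of `user.ssh_config.items()` decides which `Host` block ssh reads first, and ssh keeps the first value found per option, so the ordering guarantee should be stated in a comment above the loop (presumably pillar order is preserved, but that is not visible in this hunk). `- mode: 640` leaves the file group-readable, while `- mode: '0600'` is the usual setting for ~/.ssh/config. The new state also shows no `require` on the user or on the .ssh directory existing; the rest of the file is outside the hunk, so that may be handled elsewhere.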