diff --git a/ssh/files/ssh_config.jinja b/ssh/files/ssh_config.jinja
new file mode 100644
index 0000000..19cc7d2
--- /dev/null
+++ b/ssh/files/ssh_config.jinja
@@ -0,0 +1,7 @@
+# Managed by salt
+{% for host, config in pillar['ssh_config'].items() %}
+Host {{host}}
+{%   for key, val in config.items() %}
+    {{key}} {{val }}
+{%   endfor -%}
+{% endfor -%}
diff --git a/ssh/init.sls b/ssh/init.sls
index e3421f2..b53934a 100644
--- a/ssh/init.sls
+++ b/ssh/init.sls
@@ -3,4 +3,24 @@
   file.managed:
     - source: 'salt://ssh/files/authorized_keys.jinja'
     - template: jinja
+    - user: root
+    - group: root
     - mode: 400
+
+/root/.ssh/config:
+  file.managed:
+    - source: 'salt://ssh/files/ssh_config.jinja'
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: 400
+
+{% for user in salt.pillar.get('authkey_users', []) %}
+/home/{{user}}/.ssh/authorized_keys:
+  file.managed:
+    - source: 'salt://ssh/files/authorized_keys.jinja'
+    - template: jinja
+    - user: {{user}}
+    - group: {{user}}
+    - mode: 400
+{% endfor %}