diff --git a/deploy/user.sls b/deploy/user.sls
index 70d3880a38451114a083e4c1a316e36955d1c6be..85baa57e4e64a7d7b5d0d1ecb05f58595d1d8208 100644
--- a/deploy/user.sls
+++ b/deploy/user.sls
@@ -5,19 +5,42 @@ deployer:
   group.absent: []
 
 
-/root/.ssh/known_hosts:
+deploy_user_ssh_known_hosts_file_present:
   file.managed:
-    - source: salt://deploy/tpl/ssh/known_hosts
+    - name: /root/.ssh/known_hosts
+    - create: True
+    - makedirs: True
     - user: root
     - group: root
+    - mode: 600
+
+deploy_user_add_managed_host_keys_to_known_hosts:
+  file.blockreplace:
+    - name: /root/.ssh/known_hosts
+    - append_if_not_found: True
+    - show_changes: True
+    - source: salt://deploy/tpl/ssh/known_hosts
     - makedirs: True
+    - require:
+      - file: deploy_user_ssh_known_hosts_file_present
 
-/root/.ssh/config:
+deploy_users_ssh_config_file_present:
   file.managed:
-    - source: salt://deploy/tpl/ssh/config
+    - name: /root/.ssh/config
+    - create: True
+    - makedirs: True
     - user: root
     - group: root
-    - makedirs: True
+    - mode: 600
+
+deploy_users_add_managed_config_to_ssh_config_file:
+  file.blockreplace:
+    - name: /root/.ssh/config
+    - append_if_not_found: True
+    - show_changes: True
+    - source: salt://deploy/tpl/ssh/config
+    - require:
+      - file: deploy_users_ssh_config_file_present
 
 deploy_key:
   file.managed:
@@ -43,4 +66,4 @@ deploy_key:
     - shell: /bin/false
     - groups: {{ user_groups }}
 
-{% endfor %}
\ No newline at end of file
+{% endfor %}