diff --git a/modules/openstack_project/files/zuul/launcher_ssh_config b/modules/openstack_project/files/zuul/launcher_ssh_config
new file mode 100644
index 0000000000..7bc9b9209c
--- /dev/null
+++ b/modules/openstack_project/files/zuul/launcher_ssh_config
@@ -0,0 +1,12 @@
+HashKnownHosts No
+Host *.openstack.org
+  StrictHostKeyChecking No
+  UserKnownHostsFile ~/.ssh/known_hosts
+
+# NOTE(notmorgan): It is assumed that slaves are logged into
+# not via a hostname ending in ".openstack.org" such
+# as by IP address. This prevents storing the host keys of
+# these slave hosts
+Host * !*.openstack.org
+  StrictHostKeyChecking No
+  UserKnownHostsFile /dev/null
diff --git a/modules/openstack_project/manifests/zuul_launcher.pp b/modules/openstack_project/manifests/zuul_launcher.pp
index b766834987..890aa6df55 100644
--- a/modules/openstack_project/manifests/zuul_launcher.pp
+++ b/modules/openstack_project/manifests/zuul_launcher.pp
@@ -58,6 +58,22 @@ class openstack_project::zuul_launcher(
     notify  => Exec['zuul-launcher-reload'],
   }
 
+  file { '/home/zuul/.ssh':
+    ensure  => directory,
+    owner   => 'zuul',
+    group   => 'zuul',
+    mode    => '0700',
+    require => User['zuul'],
+  }
+
+  file { '/home/zuul/.ssh/config':
+    ensure  => present,
+    source  => 'puppet:///modules/openstack_project/zuul/launcher_ssh_config',
+    owner   => 'zuul',
+    group   => 'zuul',
+    require => File['/home/zuul/.ssh'],
+  }
+
   class { '::zuul':
     vhost_name              => $vhost_name,
     gearman_server          => $gearman_server,