diff --git a/elements/puppet-stack-config/os-apply-config/etc/puppet/hieradata/RedHat.yaml b/elements/puppet-stack-config/os-apply-config/etc/puppet/hieradata/RedHat.yaml
index a55f0c13a..1c9d8d6eb 100644
--- a/elements/puppet-stack-config/os-apply-config/etc/puppet/hieradata/RedHat.yaml
+++ b/elements/puppet-stack-config/os-apply-config/etc/puppet/hieradata/RedHat.yaml
@@ -1,2 +1,22 @@
 rabbitmq::package_provider: yum
 tripleo::selinux::mode: enforcing
+tripleo::profile::base::sshd::options:
+  HostKey:
+    - '/etc/ssh/ssh_host_rsa_key'
+    - '/etc/ssh/ssh_host_ecdsa_key'
+    - '/etc/ssh/ssh_host_ed25519_key'
+  SyslogFacility: 'AUTHPRIV'
+  AuthorizedKeysFile: '.ssh/authorized_keys'
+  ChallengeResponseAuthentication: 'no'
+  GSSAPIAuthentication: 'yes'
+  GSSAPICleanupCredentials: 'no'
+  UsePAM: 'yes'
+  UseDNS: 'no'
+  X11Forwarding: 'yes'
+  UsePrivilegeSeparation: 'sandbox'
+  AcceptEnv:
+    - 'LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES'
+    - 'LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT'
+    - 'LC_IDENTIFICATION LC_ALL LANGUAGE'
+    - 'XMODIFIERS'
+  Subsystem: 'sftp  /usr/libexec/openssh/sftp-server'