diff --git a/README.md b/README.md
index 0abae00..7f754d6 100644
--- a/README.md
+++ b/README.md
@@ -25,7 +25,7 @@ ## Features - install required binaries -- manage required files and directories including selinux context +- manage required files and directories including selinux context - manage service - (optional) manage firewall
diff --git a/manifests/custom/custom_config.pp b/manifests/custom/custom_config.pp
new file mode 100644
index 0000000..db514a8
--- /dev/null
+++ b/manifests/custom/custom_config.pp
@@ -0,0 +1,34 @@
+## confdroid_ssh::custom::custom_config.pp
+# Module name: confdroid_ssh
+# Author: 12ww1160 (12ww1160@confdroid.com)
+# @summary Class manages custom configurations for SSH
+# @param [String] config_name name of the custom configuration file
+# (without .conf extension)
+# @param [Array[String]] config_content array of configuration lines to
+# include in the custom config
+##############################################################################
+define confdroid_ssh::custom::custom_config (
+
+ String $config_name,
+ Array[String] $config_content,
+
+) {
+ $sshd_custom_path = $confdroid_ssh::params::sshd_custom_path
+ $sshd_service = $confdroid_ssh::params::sshd_service
+ $custom_config_erb = 'confdroid_ssh/custom_config.erb'
+ $config_basename = regsubst($config_name, '\\.conf$', '')
+ $config_file = "${config_basename}.conf"
+
+ file { "${sshd_custom_path}/${config_file}":
+ ensure => file,
+ content => template($custom_config_erb),
+ owner => 'root',
+ group => 'root',
+ mode => '0600',
+ selrange => s0,
+ selrole => object_r,
+ seltype => etc_t,
+ seluser => system_u,
+ notify => Service[$sshd_service],
+ }
+}
diff --git a/templates/custom_config.erb b/templates/custom_config.erb
new file mode 100644
index 0000000..c7f8960
--- /dev/null
+++ b/templates/custom_config.erb
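Review bot: In `manifests/custom/custom_config.pp`, `$config_name` is typed only as `String` and goes straight into the resource title `"${sshd_custom_path}/${config_file}"`, so a value containing `/` or `..` makes this root-owned file land outside the sshd drop-in directory; constrain it at the parameter, e.g. `Pattern[/\A[A-Za-z0-9_.-]+\z/] $config_name,`. The file also notifies `Service[$sshd_service]` with no syntax check, so one bad element in `config_content` can leave sshd unable to restart; adding `validate_cmd => '/usr/sbin/sshd -t -f %',` to the `file` resource (binary path to be confirmed per platform) keeps an invalid drop-in from being written. The define reads `$confdroid_ssh::params::*` without including that class inside the hunk, which presumably relies on the caller having declared it first. The header comment says "Class manages" although this is a `define`.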
@@ -0,0 +1,8 @@
+###############################################################################
+##### DO NOT EDIT THIS FILE MANUALLY #
+##### This file is managed by Puppet. Any changes to this file will be #
+##### overwritten. Update the Puppet define input instead. #
+###############################################################################
+<% @config_content.each do |config_line| -%>
+<%= config_line %>
+<% end -%>
\ No newline at end of file
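Review bot: `<%= config_line %>` writes every element of `config_content` verbatim, so an element carrying an embedded newline becomes several sshd directives and an empty string becomes a blank line; neither the template nor the define's `Array[String]` type prevents that. Because sshd generally keeps the first value it reads for a keyword, a drop-in produced here may override hardening set elsewhere, depending on where the main config includes the directory. It is worth saying in the banner comment that the lines are emitted unchecked, and tightening the define's parameter to `Array[Pattern[/\A[^\r\n]+\z/]] $config_content,`.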