diff --git a/manifests/main/files.pp b/manifests/main/files.pp
index 118cf09..6543586 100644
--- a/manifests/main/files.pp
+++ b/manifests/main/files.pp
@@ -23,7 +23,7 @@ class confdroid_ssh::main::files (
 
   if $ssh_manage_config {
     file { $sshd_custom_conf:
-      ensure   => file,
+      ensure   => $ssh_custom_ensure,
       path     => $sshd_custom_conf,
       owner    => $sshd_user,
       group    => $sshd_user,
diff --git a/manifests/params.pp b/manifests/params.pp
index 6040012..fa28b2d 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -196,6 +196,8 @@
 #   time interval if desired. This setting can be used to limit the amount of time
 #   that attackers have to attempt to brute-force authentication, but should be set
 #   to a reasonable value to avoid disconnecting legitimate users who may need more time to log
+# @param [String] ssh_custom_ensure whether the custom configuration file 
+#   should be file or absent.
 ##############################################################################
 class confdroid_ssh::params (
 
@@ -209,6 +211,7 @@ class confdroid_ssh::params (
   String $ssh_source_range                  = '0.0.0.0/0',
 
   # sshd configuration 
+  String  $ssh_custom_ensure                = 'file',
   Boolean $ssh_manage_config                = true,
   String  $ssh_address_family               = 'any',
   String  $ssh_listen_address               = '0.0.0.0',