diff --git a/examples/remote_execution_ssh-ssh_log_level.pp b/examples/remote_execution_ssh-ssh_log_level.pp
new file mode 100644
index 00000000..d539dcf1
--- /dev/null
+++ b/examples/remote_execution_ssh-ssh_log_level.pp
@@ -0,0 +1,4 @@
+include foreman_proxy
+class { 'foreman_proxy::plugin::remote_execution::ssh':
+  ssh_log_level => 'debug',
+}
diff --git a/manifests/plugin/remote_execution/ssh.pp b/manifests/plugin/remote_execution/ssh.pp
index 4ef1dd01..2dad6895 100644
--- a/manifests/plugin/remote_execution/ssh.pp
+++ b/manifests/plugin/remote_execution/ssh.pp
@@ -23,6 +23,8 @@
 #
 # $remote_working_dir:: Remote working directory on clients
 #
+# $ssh_log_level::      Configure ssh client LogLevel
+#
 # === Advanced parameters:
 #
 # $enabled::            Enables/disables the plugin
@@ -41,6 +43,7 @@
   Stdlib::Absolutepath $remote_working_dir = '/var/tmp',
   Boolean $ssh_kerberos_auth = false,
   Enum['ssh', 'ssh-async'] $mode = 'ssh',
+  Optional[Foreman_proxy::Sshloglevel] $ssh_log_level = undef,
 ) {
   $ssh_identity_path = "${ssh_identity_dir}/${ssh_identity_file}"
 
diff --git a/spec/acceptance/remote_execution_ssh_spec.rb b/spec/acceptance/remote_execution_ssh_spec.rb
index dc5e2f83..129cc97e 100644
--- a/spec/acceptance/remote_execution_ssh_spec.rb
+++ b/spec/acceptance/remote_execution_ssh_spec.rb
@@ -6,4 +6,20 @@
   include_examples 'the example', 'remote_execution_ssh.pp'
 
   it_behaves_like 'the default foreman proxy application'
+
+  describe file('/etc/foreman-proxy/settings.d/remote_execution_ssh.yml') do
+    its(:content) { is_expected.to_not match %r{:ssh_log_level:} }
+  end
+end
+
+describe 'Scenario: install foreman-proxy with remote_execution ssh plugin and ssh_log_level param' do
+  before(:context) { purge_installed_packages }
+
+  include_examples 'the example', 'remote_execution_ssh-ssh_log_level.pp'
+
+  it_behaves_like 'the default foreman proxy application'
+
+  describe file('/etc/foreman-proxy/settings.d/remote_execution_ssh.yml') do
+    its(:content) { is_expected.to match %r{:ssh_log_level: debug} }
+  end
 end
diff --git a/spec/classes/foreman_proxy__plugin__remote_execution__ssh_spec.rb b/spec/classes/foreman_proxy__plugin__remote_execution__ssh_spec.rb
index 8f1cee60..3bc24d22 100644
--- a/spec/classes/foreman_proxy__plugin__remote_execution__ssh_spec.rb
+++ b/spec/classes/foreman_proxy__plugin__remote_execution__ssh_spec.rb
@@ -15,6 +15,7 @@
             with_content(/^:enabled: https/).
             with_content(%r{:ssh_identity_key_file: /var/lib/foreman-proxy/ssh/id_rsa_foreman_proxy}).
             with_content(%r{:kerberos_auth: false}).
+            without_content(%r{:ssh_log_level:}).
             with({
               :ensure  => 'file',
               :owner   => 'root',
@@ -42,6 +43,7 @@
           :install_key        => true,
           :ssh_kerberos_auth  => true,
           :mode               => 'ssh-async',
+          :ssh_log_level      => 'debug',
         } end
 
         it { should contain_class('foreman_proxy::plugin::dynflow') }
@@ -55,6 +57,7 @@
             with_content(%r{:remote_working_dir: /tmp}).
             with_content(%r{:kerberos_auth: true}).
             with_content(%r{:mode: ssh-async}).
+            with_content(%r{:ssh_log_level: debug}).
             with({
               :ensure  => 'file',
               :owner   => 'root',
diff --git a/spec/type_aliases/sshloglevel_spec.rb b/spec/type_aliases/sshloglevel_spec.rb
new file mode 100644
index 00000000..0b413d40
--- /dev/null
+++ b/spec/type_aliases/sshloglevel_spec.rb
@@ -0,0 +1,16 @@
+require 'spec_helper'
+
+describe 'Foreman_proxy::Sshloglevel' do
+  # inconsistent with ssh_config(5)
+  # see https://github.com/theforeman/smart_proxy_remote_execution_ssh/blob/master/lib/smart_proxy_remote_execution_ssh/plugin.rb#L3
+  known_log_levels = %w[
+    debug
+    info
+    error
+    fatal
+  ]
+  it { is_expected.to allow_values(*known_log_levels) }
+  it { is_expected.not_to allow_value(nil) }
+  it { is_expected.not_to allow_value('all') }
+  it { is_expected.not_to allow_value('loud') }
+end
diff --git a/templates/plugin/remote_execution_ssh.yml.erb b/templates/plugin/remote_execution_ssh.yml.erb
index 06431921..58b2bc6e 100644
--- a/templates/plugin/remote_execution_ssh.yml.erb
+++ b/templates/plugin/remote_execution_ssh.yml.erb
@@ -4,6 +4,9 @@
 :local_working_dir: <%= scope.lookupvar('::foreman_proxy::plugin::remote_execution::ssh::local_working_dir') %>
 :remote_working_dir: <%= scope.lookupvar('::foreman_proxy::plugin::remote_execution::ssh::remote_working_dir') %>
 :kerberos_auth: <%= scope.lookupvar('::foreman_proxy::plugin::remote_execution::ssh::ssh_kerberos_auth') %>
+<% ssh_log_level = scope.lookupvar('::foreman_proxy::plugin::remote_execution::ssh::ssh_log_level'); if ssh_log_level -%>
+:ssh_log_level: <%= ssh_log_level %>
+<% end -%>
 
 # Whether to run remote execution jobs asynchronously
 :mode: <%= scope.lookupvar("::foreman_proxy::plugin::remote_execution::ssh::mode") %>
diff --git a/types/sshloglevel.pp b/types/sshloglevel.pp
new file mode 100644
index 00000000..3e70baf9
--- /dev/null
+++ b/types/sshloglevel.pp
@@ -0,0 +1,3 @@
+# The possible openssh LogLevel values. Note that these are values allowed by the
+# smart_proxy_remote_execution_ssh gem and are not consistent with the ssh_config(5) man page.
+type Foreman_proxy::Sshloglevel = Enum['debug', 'info', 'error', 'fatal']