diff --git a/data/etc/plinth/plinth.config b/data/etc/plinth/plinth.config
index 2b874c152..c6120d5a5 100644
--- a/data/etc/plinth/plinth.config
+++ b/data/etc/plinth/plinth.config
@@ -7,6 +7,7 @@ server_dir = /plinth
 actions_dir = /usr/share/plinth/actions
 doc_dir = /usr/share/doc/freedombox
 custom_static_dir = /var/www/plinth/custom/static
+known_hosts = /var/lib/plinth/.ssh/known_hosts
 # file locations
 store_file = %(data_dir)s/plinth.sqlite3
diff --git a/plinth.config b/plinth.config
index 340e92f53..c1ea0789f 100644
--- a/plinth.config
+++ b/plinth.config
@@ -7,6 +7,7 @@ server_dir = /plinth
 actions_dir = %(file_root)s/actions
 doc_dir = %(file_root)s/doc
 custom_static_dir = %(file_root)s/data/var/www/plinth/custom/static
+known_hosts = %(data_dir)s/.ssh/known_hosts
 # file locations
 store_file = %(data_dir)s/plinth.sqlite3
diff --git a/plinth/cfg.py b/plinth/cfg.py
index 95630da6a..31af8e238 100644
--- a/plinth/cfg.py
+++ b/plinth/cfg.py
@@ -38,6 +38,7 @@ secure_proxy_ssl_header = None
 develop = False
 server_dir = '/'
 danube_edition = False
+known_hosts = None
 config_file = None
@@ -96,6 +97,7 @@ def read(config_path=None, root_directory=None):
 ('Path', 'actions_dir', 'string'),
 ('Path', 'doc_dir', 'string'),
 ('Path', 'server_dir', 'string'),
+ ('Path', 'known_hosts', 'string'),
 ('Network', 'host', 'string'),
 ('Network', 'port', 'int'),
 ('Network', 'secure_proxy_ssl_header', 'string'),
diff --git a/plinth/modules/backups/__init__.py b/plinth/modules/backups/__init__.py
index 39d4bb2a0..7b339f296 100644
--- a/plinth/modules/backups/__init__.py
+++ b/plinth/modules/backups/__init__.py
@@ -149,7 +149,7 @@ def is_ssh_hostkey_verified(hostname):
 """Check whether SSH Hostkey has already been verified.
 hostname: Domain name or IP address of the host
 """
- known_hosts_path = os.path.join(cfg.data_dir, '.ssh', 'known_hosts')
+ known_hosts_path = cfg.known_hosts
 if not os.path.exists(known_hosts_path):
 return False
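Review bot: The new module default `known_hosts = None` in plinth/cfg.py (first cfg.py hunk) is handed unchecked to every consumer this commit touches: `os.path.exists(known_hosts_path)` in `is_ssh_hostkey_verified`, the `--user-known-hosts-file` argument in `SshBorgRepository.mount`, and `ssh_client.load_host_keys(cfg.known_hosts)` in `_ssh_connection`. If the option can ever be absent from the `Path` section (for instance a locally modified plinth.config that predates this change; whether `read()` tolerates that is not visible, its body extends beyond the second hunk), those calls would fail on `None` instead of reporting a configuration problem. Because this file is the trust anchor for SSH host-key verification, I would document the setting at its default, e.g. `# Path to the known_hosts file used to verify backup hosts; must be set in [Path]`, and have the consumers fail closed with a clear error when `cfg.known_hosts` is empty.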
diff --git a/plinth/modules/backups/repository.py b/plinth/modules/backups/repository.py
index ee2d6857b..2f974aa68 100644
--- a/plinth/modules/backups/repository.py
+++ b/plinth/modules/backups/repository.py
@@ -330,10 +330,9 @@ class SshBorgRepository(BorgRepository):
 def mount(self):
 if self.is_mounted:
 return
- known_hosts_path = os.path.join(cfg.data_dir, '.ssh', 'known_hosts')
 arguments = [
 'mount', '--mountpoint', self.mountpoint, '--path', self._path,
- '--user-known-hosts-file', known_hosts_path
+ '--user-known-hosts-file', cfg.known_hosts
 ]
 arguments, kwargs = self._append_sshfs_arguments(
 arguments, self.credentials)
diff --git a/plinth/modules/backups/views.py b/plinth/modules/backups/views.py
index 5200abd45..394cbbe73 100644
--- a/plinth/modules/backups/views.py
+++ b/plinth/modules/backups/views.py
@@ -327,7 +327,7 @@ class VerifySshHostkeyView(SuccessMessageMixin, FormView):
 @staticmethod
 def _add_ssh_hostkey(hostname, key_type):
 """Add the given SSH key to known_hosts."""
- known_hosts_path = os.path.join(cfg.data_dir, '.ssh', 'known_hosts')
+ known_hosts_path = cfg.known_hosts
 if not os.path.exists(known_hosts_path):
 os.makedirs(known_hosts_path.rsplit('/', maxsplit=1)[0])
 open(known_hosts_path, 'w').close()
@@ -440,9 +440,7 @@ def _validate_remote_repository(path, credentials, uuid=None):
 def _ssh_connection(hostname, username, password):
 """Context manager to create and close an SSH connection."""
 ssh_client = paramiko.SSHClient()
-
- known_hosts_path = os.path.join(cfg.data_dir, '.ssh', 'known_hosts')
- ssh_client.load_host_keys(known_hosts_path)
+ ssh_client.load_host_keys(cfg.known_hosts)
 try:
 ssh_client.connect(hostname, username=username, password=password)
diff --git a/plinth/tests/data/etc/plinth/plinth.config b/plinth/tests/data/etc/plinth/plinth.config
index 340e92f53..c1ea0789f 100644
--- a/plinth/tests/data/etc/plinth/plinth.config
+++ b/plinth/tests/data/etc/plinth/plinth.config
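Review bot: With the known_hosts location now taken from configuration, the parent-directory handling kept as context in `_add_ssh_hostkey` (first views.py hunk) no longer matches its input: `known_hosts_path.rsplit('/', maxsplit=1)[0]` returns the file name itself when the configured value contains no slash, and `os.makedirs` raises when the directory already exists but the file does not. The directory is also created with default-umask permissions, although it holds the file that decides which remote host keys are trusted. I would make the step idempotent and owner-only, assuming an absolute path is configured: `os.makedirs(os.path.dirname(known_hosts_path), mode=0o700, exist_ok=True)`. The function body continues past the end of the hunk, so the later write to the file is not reviewed here.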
@@ -7,6 +7,7 @@ server_dir = /plinth
 actions_dir = %(file_root)s/actions
 doc_dir = %(file_root)s/doc
 custom_static_dir = %(file_root)s/data/var/www/plinth/custom/static
+known_hosts = %(data_dir)s/.ssh/known_hosts
 # file locations
 store_file = %(data_dir)s/plinth.sqlite3
diff --git a/plinth/tests/test_cfg.py b/plinth/tests/test_cfg.py
index c01146f56..8a412565f 100644
--- a/plinth/tests/test_cfg.py
+++ b/plinth/tests/test_cfg.py
@@ -120,7 +120,7 @@ def compare_configurations(parser):
 """Compare two sets of configuration values."""
 # Note that the count of items within each section includes the number
 # of default items (1, for 'root').
- assert len(parser.items('Path')) == 9
+ assert len(parser.items('Path')) == 10
 assert parser.get('Path', 'root') == cfg.root
 assert parser.get('Path', 'file_root') == cfg.file_root
 assert parser.get('Path', 'config_dir') == cfg.config_dir