diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index f64bd8254b872ef476c15f4784beab053f7acab3..5ddf7f1f7c8ec584cf04a87e8b96dfa4dcaade88 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -911,6 +911,7 @@ qemuBlockStorageSourceGetSshProps(virStorageSourcePtr src)
     g_autoptr(virJSONValue) serverprops = NULL;
     virJSONValuePtr ret = NULL;
     const char *username = NULL;
+    g_autoptr(virJSONValue) host_key_check = NULL;
 
     if (src->nhosts != 1) {
         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
@@ -924,11 +925,20 @@ qemuBlockStorageSourceGetSshProps(virStorageSourcePtr src)
 
     if (src->auth)
         username = src->auth->username;
+    else if (src->ssh_user)
+        username = src->ssh_user;
+
+    if (src->ssh_host_key_check_disabled &&
+        virJSONValueObjectCreate(&host_key_check,
+                                 "s:mode", "none",
+                                 NULL) < 0)
+        return NULL;
 
     if (virJSONValueObjectCreate(&ret,
                                  "s:path", src->path,
                                  "a:server", &serverprops,
                                  "S:user", username,
+                                 "A:host-key-check", &host_key_check,
                                  NULL) < 0)
         return NULL;
 
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index ab2f0ead5f35eab82c138a437b4fd7db5723eb5f..870c40f446644fd8d2628d522bfaf17f37bfa595 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -2464,6 +2464,10 @@ virStorageSourceCopy(const virStorageSource *src,
             return NULL;
     }
 
+    /* ssh config passthrough for libguestfs */
+    def->ssh_host_key_check_disabled = src->ssh_host_key_check_disabled;
+    def->ssh_user = g_strdup(src->ssh_user);
+
     return g_steal_pointer(&def);
 }
 
@@ -2705,6 +2709,8 @@ virStorageSourceClear(virStorageSourcePtr def)
     VIR_FREE(def->tlsAlias);
     VIR_FREE(def->tlsCertdir);
 
+    VIR_FREE(def->ssh_user);
+
     virStorageSourceInitiatorClear(&def->initiator);
 
     /* clear everything except the class header as the object APIs
@@ -3635,6 +3641,8 @@ virStorageSourceParseBackingJSONSSH(virStorageSourcePtr src,
     const char *path = virJSONValueObjectGetString(json, "path");
     const char *host = virJSONValueObjectGetString(json, "host");
     const char *port = virJSONValueObjectGetString(json, "port");
+    const char *user = virJSONValueObjectGetString(json, "user");
+    const char *host_key_check = virJSONValueObjectGetString(json, "host_key_check");
     virJSONValuePtr server = virJSONValueObjectGetObject(json, "server");
 
     if (!(host || server) || !path) {
@@ -3665,6 +3673,11 @@ virStorageSourceParseBackingJSONSSH(virStorageSourcePtr src,
             return -1;
     }
 
+    /* these two are parsed just to be passed back as we don't model them yet */
+    src->ssh_user = g_strdup(user);
+    if (STREQ_NULLABLE(host_key_check, "no"))
+        src->ssh_host_key_check_disabled = true;
+
     return 0;
 }
 
diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h
index dd2186c4ff4292e8b000cebec082b45c4994ce01..f2a73feb6a3ddc590ac1a042158fecfff8a0f861 100644
--- a/src/util/virstoragefile.h
+++ b/src/util/virstoragefile.h
@@ -384,6 +384,11 @@ struct _virStorageSource {
                        as a source for floppy drive */
 
     bool hostcdrom; /* backing device is a cdrom */
+
+    /* passthrough variables for the ssh driver which we don't handle properly */
+    /* these must not be used apart from formatting the output JSON in the qemu driver */
+    char *ssh_user;
+    bool ssh_host_key_check_disabled;
 };
 
 G_DEFINE_AUTOPTR_CLEANUP_FUNC(virStorageSource, virObjectUnref);
diff --git a/tests/qemublocktest.c b/tests/qemublocktest.c
index ec32d28188d7f772507ff7d4b4e1d26832629de9..7a2204787ef146e470fc2c615eeda58a87de3e53 100644
--- a/tests/qemublocktest.c
+++ b/tests/qemublocktest.c
@@ -1136,6 +1136,7 @@ mymain(void)
     jsontojsondata.schemaroot = qmp_schemaroot_x86_64_blockdev_add;
 
     TEST_JSON_TO_JSON("curl-libguestfs");
+    TEST_JSON_TO_JSON("ssh-passthrough-libguestfs");
 
 #define TEST_IMAGE_CREATE(testname, testbacking) \
     do { \
diff --git a/tests/qemublocktestdata/jsontojson/ssh-passthrough-libguestfs-in.json b/tests/qemublocktestdata/jsontojson/ssh-passthrough-libguestfs-in.json
new file mode 100644
index 0000000000000000000000000000000000000000..da8fedef07cc22c17235395fd8d814881af6e7ae
--- /dev/null
+++ b/tests/qemublocktestdata/jsontojson/ssh-passthrough-libguestfs-in.json
@@ -0,0 +1 @@
+json:{"file.driver":"ssh","file.user":"testuser","file.host":"random.host","file.port":1234,"file.path":"somewhere/something","file.host_key_check":"no"}
diff --git a/tests/qemublocktestdata/jsontojson/ssh-passthrough-libguestfs-out.json b/tests/qemublocktestdata/jsontojson/ssh-passthrough-libguestfs-out.json
new file mode 100644
index 0000000000000000000000000000000000000000..1f6032deb4b2f98913bb2ffb7c273af6cf0db51f
--- /dev/null
+++ b/tests/qemublocktestdata/jsontojson/ssh-passthrough-libguestfs-out.json
@@ -0,0 +1,14 @@
+{
+  "driver": "ssh",
+  "path": "somewhere/something",
+  "server": {
+    "host": "random.host",
+    "port": "22"
+  },
+  "user": "testuser",
+  "host-key-check": {
+    "mode": "none"
+  },
+  "auto-read-only": true,
+  "discard": "unmap"
+}