diff --git a/doc/configuration.rst b/doc/configuration.rst
index 117d08e..17c4436 100644
--- a/doc/configuration.rst
+++ b/doc/configuration.rst
@@ -589,7 +589,6 @@ prevent users from deleting branches in their git repositories.
 Defaults to: ``True``.
 
 
-=======
 LOCAL_SSH_KEY
 ~~~~~~~~~~~~~
 
@@ -600,6 +599,16 @@ In most cases, it will be fine to let pagure handle it.
 Defaults to ``True``.
 
 
+DEPLOY_KEY
+~~~~~~~~~~
+
+This configuration key allows to disable the deploy keys feature of an
+entire pagure instance. This feature enable to add extra public ssh keys
+that a third party could use to push to a project.
+
+Defaults to ``True``.
+
+
 OLD_VIEW_COMMIT_ENABLED
 ~~~~~~~~~~~~~~~~~~~~~~~
 
diff --git a/pagure/default_config.py b/pagure/default_config.py
index 5dd0813..225c637 100644
--- a/pagure/default_config.py
+++ b/pagure/default_config.py
@@ -71,6 +71,9 @@ ALLOW_DELETE_BRANCH = True
 # Enable / Disable having pagure manage the user's ssh keys
 LOCAL_SSH_KEY = True
 
+# Enable / Disable deploy keys
+DEPLOY_KEY = True
+
 # Enables / Disables showing all the projects by default on the front page
 SHOW_PROJECTS_INDEX = ['repos', 'myrepos', 'myforks']
 
diff --git a/pagure/templates/settings.html b/pagure/templates/settings.html
index 62b8375..8861583 100644
--- a/pagure/templates/settings.html
+++ b/pagure/templates/settings.html
@@ -499,7 +499,7 @@
     </div>
     {% endif %}
 
-
+    {% if config.get('DEPLOY_KEY', True) %}
     <div class="col-md-8 col-md-offset-2">
       <div class="card">
         <div class="card-header">
@@ -546,6 +546,7 @@
           </ul>
       </div>
     </div>
+    {% endif %}
 
 
     {% if plugins %}
diff --git a/pagure/ui/repo.py b/pagure/ui/repo.py
index a029bb5..dfea6bc 100644
--- a/pagure/ui/repo.py
+++ b/pagure/ui/repo.py
@@ -1495,6 +1495,9 @@ def remove_deploykey(repo, keyid, username=None, namespace=None):
     """ Remove the specified deploy key from the project.
     """
 
+    if not APP.config.get('DEPLOY_KEY', True):
+        flask.abort(404, 'This pagure instance disabled deploy keys')
+
     if admin_session_timedout():
         flask.flash('Action canceled, try it again', 'error')
         url = flask.url_for(
@@ -1619,6 +1622,9 @@ def add_deploykey(repo, username=None, namespace=None):
     """ Add the specified deploy key to the project.
     """
 
+    if not APP.config.get('DEPLOY_KEY', True):
+        flask.abort(404, 'This pagure instance disabled deploy keys')
+
     if admin_session_timedout():
         if flask.request.method == 'POST':
             flask.flash('Action canceled, try it again', 'error')
diff --git a/tests/test_pagure_flask_ui_repo.py b/tests/test_pagure_flask_ui_repo.py
index 563aa99..767a415 100644
--- a/tests/test_pagure_flask_ui_repo.py
+++ b/tests/test_pagure_flask_ui_repo.py
@@ -205,6 +205,22 @@ class PagureFlaskRepotests(tests.Modeltests):
             self.assertIn('Deploy key added', output.data)
             self.assertIn('PUSH ACCESS', output.data)
 
+    @patch('pagure.ui.repo.admin_session_timedout')
+    @patch.dict('pagure.APP.config', {'DEPLOY_KEY': False})
+    def test_add_deploykey_disabled(self, ast):
+        """ Test the add_deploykey endpoint when it's disabled in the config.
+        """
+        ast.return_value = False
+        tests.create_projects(self.session)
+        tests.create_projects_git(os.path.join(self.path, 'repos'))
+
+        user = tests.FakeUser(username='pingou')
+        with tests.user_set(pagure.APP, user):
+            output = self.app.get('/test/adddeploykey')
+            self.assertEqual(output.status_code, 404)
+
+            output = self.app.post('/test/adddeploykey')
+            self.assertEqual(output.status_code, 404)
 
     @patch('pagure.ui.repo.admin_session_timedout')
     def test_add_user(self, ast):
@@ -514,7 +530,6 @@ class PagureFlaskRepotests(tests.Modeltests):
 
         pagure.APP.config['ENABLE_USER_MNGT'] = True
 
-
     @patch('pagure.ui.repo.admin_session_timedout')
     def test_remove_deploykey(self, ast):
         """ Test the remove_deploykey endpoint. """
@@ -590,6 +605,20 @@ class PagureFlaskRepotests(tests.Modeltests):
             self.assertIn('<h3>Settings for test</h3>', output.data)
             self.assertIn('Deploy key removed', output.data)
 
+    @patch('pagure.ui.repo.admin_session_timedout')
+    @patch.dict('pagure.APP.config', {'DEPLOY_KEY': False})
+    def test_remove_deploykey_disabled(self, ast):
+        """ Test the remove_deploykey endpoint when it's disabled in the
+        config.
+        """
+        ast.return_value = False
+        tests.create_projects(self.session)
+        tests.create_projects_git(os.path.join(self.path, 'repos'))
+
+        user = tests.FakeUser(username='pingou')
+        with tests.user_set(pagure.APP, user):
+            output = self.app.post('/test/dropdeploykey/1')
+            self.assertEqual(output.status_code, 404)
 
     @patch('pagure.ui.repo.admin_session_timedout')
     def test_remove_user(self, ast):