diff --git a/conf/quads.yml b/conf/quads.yml
index 089b777ca..1c8344ec3 100644
--- a/conf/quads.yml
+++ b/conf/quads.yml
@@ -100,6 +100,8 @@ foreman_password: password
 foreman_default_os: "RHEL 7"
 foreman_default_ptable: "generic-rhel7"
 foreman_default_medium: "RHEL Local"
+# This corresponds to your 'sshpw --username=root my_kickstart_password' foreman template
+foreman_kickstart_password: my_kickstart_password
 
 # Foreman RBAC fix ignore
 # variable to pass cloud names to be excluded from foreman_heal
diff --git a/quads/tools/ssh_helper.py b/quads/tools/ssh_helper.py
index 9227624bb..d7e5b5728 100755
--- a/quads/tools/ssh_helper.py
+++ b/quads/tools/ssh_helper.py
@@ -14,10 +14,11 @@ class SSHHelperException(Exception):
 
 
 class SSHHelper(object):
-    def __init__(self, _host, _user=None, _password=None):
+    def __init__(self, _host, _user=None, _password=None, _no_key=None):
         self.host = _host
         self.user = _user
         self.password = _password
+        self.no_key = _no_key
         try:
             self.ssh = self.connect()
         except SSHHelperException as ex:
@@ -34,13 +35,17 @@ def connect(self):
         host_config = config.lookup(self.host)
         ssh.set_missing_host_key_policy(AutoAddPolicy())
         ssh.load_system_host_keys()
+        if self.no_key:
+            key_filename=None
+        else:
+            key_filename=host_config["identityfile"][0]
 
         try:
             ssh.connect(
                 self.host,
                 username=self.user,
                 password=self.password,
-                key_filename=host_config["identityfile"][0],
+                key_filename=key_filename,
                 allow_agent=False,
                 timeout=30,
             )
diff --git a/quads/tools/validate_env.py b/quads/tools/validate_env.py
index 217e72e51..2c331ff94 100755
--- a/quads/tools/validate_env.py
+++ b/quads/tools/validate_env.py
@@ -136,6 +136,23 @@ async def post_system_test(self):
                     try:
                         nc = Netcat(host)
                         healthy = await nc.health_check()
+                        if healthy:
+                            success_ssh = True
+                            try:
+                                no_key = True
+                                ssh_helper = SSHHelper(host, "root", str(Config["foreman_kickstart_password"]), no_key)
+                            except (SSHHelperException, SSHException, NoValidConnectionsError, socket.timeout) as ex:
+                                logger.error(str(ex))
+                                logger.error(
+                                    "Could not establish connection with host: %s." % host
+                                )
+                                success_ssh = False
+                            if success_ssh:
+                                # If ssh succeeds with the default kickstart password, we assume kickstart is
+                                # still in progress, and we toggle healthy to avoid inadvertantly rebooting host
+                                # during installation
+                                healthy = False
+                            ssh_helper.disconnect()
                     except OSError:
                         healthy = False
                     if not healthy: