diff --git a/roles/ssh-nopassword-login/handlers/main.yml b/roles/ssh-nopassword-login/handlers/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..df0d3deeca457c10a9805a439cb4a61087cac8d3
--- /dev/null
+++ b/roles/ssh-nopassword-login/handlers/main.yml
@@ -0,0 +1,9 @@
+- name: "restart sshd"
+  service: name=sshd state=restarted
+  sudo: true
+  when: ansible_os_family == "RedHat"
+
+- name: "restart ssh"
+  service: name=ssh state=restarted
+  sudo: true
+  when: ansible_os_family == "Debian"
diff --git a/roles/ssh-nopassword-login/tasks/main.yml b/roles/ssh-nopassword-login/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..f8594e1902a904b5be06ab3575c1ae697532b854
--- /dev/null
+++ b/roles/ssh-nopassword-login/tasks/main.yml
@@ -0,0 +1,24 @@
+- name: "Disable Challenge Response"
+  lineinfile:
+  args:
+    dest: /etc/ssh/sshd_config
+    regexp: "ChallengeResponseAuthentication yes"
+    line: "ChallengeResponseAuthentication no" 
+    backrefs: yes
+  sudo: true
+  notify: 
+  - restart sshd
+  - restart ssh
+
+- name: "Disable Password"
+  lineinfile:
+  args:
+    dest: /etc/ssh/sshd_config
+    regexp: "PasswordAuthentication yes"
+    line: "PasswordAuthentication no"
+    backrefs: yes
+  sudo: true
+  notify: 
+  - restart sshd
+  - restart ssh
+
diff --git a/roles/ssh-nopassword-login/tasks/main.yml~ b/roles/ssh-nopassword-login/tasks/main.yml~
new file mode 100644
index 0000000000000000000000000000000000000000..f8594e1902a904b5be06ab3575c1ae697532b854
--- /dev/null
+++ b/roles/ssh-nopassword-login/tasks/main.yml~
@@ -0,0 +1,24 @@
+- name: "Disable Challenge Response"
+  lineinfile:
+  args:
+    dest: /etc/ssh/sshd_config
+    regexp: "ChallengeResponseAuthentication yes"
+    line: "ChallengeResponseAuthentication no" 
+    backrefs: yes
+  sudo: true
+  notify: 
+  - restart sshd
+  - restart ssh
+
+- name: "Disable Password"
+  lineinfile:
+  args:
+    dest: /etc/ssh/sshd_config
+    regexp: "PasswordAuthentication yes"
+    line: "PasswordAuthentication no"
+    backrefs: yes
+  sudo: true
+  notify: 
+  - restart sshd
+  - restart ssh
+