diff --git a/defaults/main.yml b/defaults/main.yml
index 3829852..60f5c8d 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,5 +1,6 @@
 ---
 #ssh_port: 22
+ssh_passwordauthentication: "yes"
 #ssh_allowusers:
 #  - user1
 #  - user2
diff --git a/templates/sshd_config-RedHat-6.j2 b/templates/sshd_config-RedHat-6.j2
index 4ceda9d..41db4a6 100644
--- a/templates/sshd_config-RedHat-6.j2
+++ b/templates/sshd_config-RedHat-6.j2
@@ -63,7 +63,7 @@ PermitRootLogin without-password
 # To disable tunneled clear text passwords, change to no here!
 #PasswordAuthentication yes
 #PermitEmptyPasswords no
-PasswordAuthentication yes
+PasswordAuthentication {{ ssh_passwordauthentication }}
 
 # Change to no to disable s/key passwords
 #ChallengeResponseAuthentication yes
diff --git a/templates/sshd_config-RedHat-7.j2 b/templates/sshd_config-RedHat-7.j2
index 6ef7e70..e57f80e 100644
--- a/templates/sshd_config-RedHat-7.j2
+++ b/templates/sshd_config-RedHat-7.j2
@@ -83,7 +83,7 @@ AuthorizedKeysFile	.ssh/authorized_keys
 # To disable tunneled clear text passwords, change to no here!
 #PasswordAuthentication yes
 #PermitEmptyPasswords no
-PasswordAuthentication yes
+PasswordAuthentication {{ ssh_passwordauthentication }}
 
 # Change to no to disable s/key passwords
 #ChallengeResponseAuthentication yes