diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
new file mode 100644
index 0000000..a5bfd8c
--- /dev/null
+++ b/roles/common/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+
+- name: Restart sshd service
+  become: true
+  ansible.builtin.systemd:
+    name: sshd
+    state: restarted
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index cdb5eed..5ac98e7 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -28,3 +28,13 @@
 - name: Setup etckeeper
   ansible.builtin.include_role:
     name: etckeeper
+
+- name: Copy sshd_config
+  become: true
+  ansible.builtin.template:
+    src: sshd_config.j2
+    dest: /etc/ssh/sshd_config.d/00-lime2.conf
+    mode: "644"
+    owner: root
+    group: root
+  notify: Restart sshd service
diff --git a/roles/common/templates/sshd_config.j2 b/roles/common/templates/sshd_config.j2
new file mode 100644
index 0000000..f1c1392
--- /dev/null
+++ b/roles/common/templates/sshd_config.j2
@@ -0,0 +1,4 @@
+# {{ ansible_managed }}
+
+PermitRootLogin no
+PasswordAuthentication no