diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml
index 4109e71..5bd724a 100644
--- a/group_vars/all/main.yml
+++ b/group_vars/all/main.yml
@@ -35,7 +35,7 @@ sshd_max_auth_tries: 3
 
 sshd_max_sessions: 10
 
-sshd_permit_root_login: !!str "no"
+sshd_permit_root_login: !!str "prohibit-password"
 
 sshd_authorized_keys_file: ".ssh/authorized_keys .ssh/authorized_keys2"
 
@@ -557,10 +557,13 @@ microcode_intel_package:
 microcode_amd_package: 
   - amd64-microcode
 
-firmware_packages:
+firmware_packages_ubuntu:
   - firmware-linux
 
-firmware_non_free_packages:
+firmware_packages_debian:
+  - firmware-linux
+
+firmware_non_free_packages_debian:
    - firmware-linux-nonfree
 
 apt_install_state: latest
diff --git a/roles/common/tasks/apt.yml b/roles/common/tasks/apt.yml
index 19190a9..dd15452 100644
--- a/roles/common/tasks/apt.yml
+++ b/roles/common/tasks/apt.yml
@@ -230,9 +230,22 @@
 
 - name: (apt.yml) Install Firmware packages
   apt:
-     name: "{{ firmware_non_free_packages }}"
+     name: "{{ firmware_packages_ubuntu }}"
      state: present
      default_release: "{{ ansible_distribution_release }}"
+  when:
+    - ansible_facts['distribution'] == "Ubuntu"
+  tags:
+    - apt-initial-install
+    - apt-firmware
+
+- name: (apt.yml) Install Firmware packages
+  apt:
+     name: "{{ firmware_packages_debian }}"
+     state: present
+     default_release: "{{ ansible_distribution_release }}"
+  when:
+    - ansible_facts['distribution'] == "Debian"
   tags:
     - apt-initial-install
     - apt-firmware
@@ -240,10 +253,11 @@
 
 - name: (apt.yml) Install non-free Firmware packages
   apt:
-     name: "{{ firmware_non_free_packages }}"
+     name: "{{ firmware_non_free_packages_debian }}"
      state: present
      default_release: "{{ ansible_distribution_release }}"
   when:
+    - ansible_facts['distribution'] == "Debian"
     - apt_debian_contrib_nonfree_enable
   tags:
     - apt-initial-install