diff --git a/sshenable/sshenable.json b/sshenable/sshenable.json
new file mode 100644
index 0000000..2d8737c
--- /dev/null
+++ b/sshenable/sshenable.json
@@ -0,0 +1,21 @@
+{
+	"name": "sshenable",
+	"text": "%1 secure shell (SSH) server",
+	"script": "sshenable.sh",
+	"args": [
+		{
+			"type": "menu",
+			"options": ["Enable", "Disable"]
+		}
+	],
+	"network": false,
+	"continue": true,
+	"type": "software",
+	"category":"software",
+	"supportedOperatingSystems": [
+		"raspbian-pibakery.img",
+		"raspbian-lite-pibakery.img"
+	],
+	"shortDescription":"Enable or disable the SSH server.",
+	"longDescription":"By default, the built in secure shell (SSH) server does not run on startup. Using this block you can enable it, or disable it if you have already enabled it."
+}
diff --git a/sshenable/sshenable.sh b/sshenable/sshenable.sh
new file mode 100644
index 0000000..54fbdfa
--- /dev/null
+++ b/sshenable/sshenable.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+if [ "$1" == "Enable" ]
+then
+  systemctl enable ssh
+  systemctl start ssh
+else
+  systemctl disable ssh
+  systemctl stop ssh
+fi
diff --git a/sshpasswordauth/sshpasswordauth.json b/sshpasswordauth/sshpasswordauth.json
new file mode 100644
index 0000000..c88f750
--- /dev/null
+++ b/sshpasswordauth/sshpasswordauth.json
@@ -0,0 +1,21 @@
+{
+	"name": "sshpasswordauth",
+	"text": "%1 SSH password authentication",
+	"script": "sshpasswordauth.sh",
+	"args": [
+		{
+			"type": "menu",
+			"options": ["Enable", "Disable"]
+		}
+	],
+	"network": false,
+	"continue": true,
+	"type": "setting",
+	"category":"setting",
+	"supportedOperatingSystems": [
+		"raspbian-pibakery.img",
+		"raspbian-lite-pibakery.img"
+	],
+	"shortDescription":"Enable or disable password authentication for the SSH server.",
+	"longDescription":"The secure shell (SSH) service supports password authentication by default. Use this setting to disable it, and allow SSH access only via public key authentication. Make sure you have authorized a public key first!"
+}
diff --git a/sshpasswordauth/sshpasswordauth.sh b/sshpasswordauth/sshpasswordauth.sh
new file mode 100644
index 0000000..fd71de0
--- /dev/null
+++ b/sshpasswordauth/sshpasswordauth.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+if [ "$1" == "Enable" ]
+then
+	sed -re 's/^(\#?)(PasswordAuthentication)([[:space:]]+)(no|yes)[[:space:]]*$/\2\3yes/' -i /etc/ssh/sshd_config
+else
+	sed -re 's/^(\#?)(PasswordAuthentication)([[:space:]]+)(no|yes)[[:space:]]*$/\2\3no/' -i /etc/ssh/sshd_config
+fi
+systemctl reload sshd