diff --git a/plugins/admin_user/__init__.py b/plugins/admin_user/__init__.py
index 44ff246..2ab4592 100644
--- a/plugins/admin_user/__init__.py
+++ b/plugins/admin_user/__init__.py
@@ -8,8 +8,11 @@ def validate_manifest(data, schema_validate):
 
 def resolve_tasks(tasklist, manifest):
 	import tasks
+	from providers.ec2.tasks import initd
+	if initd.AddEC2InitScripts in tasklist.tasks:
+		tasklist.add(tasks.AdminUserCredentials)
+
 	tasklist.add(tasks.AddSudoPackage,
 	             tasks.CreateAdminUser,
 	             tasks.PasswordlessSudo,
-	             tasks.AdminUserCredentials,
 	             tasks.DisableRootLogin)
diff --git a/plugins/admin_user/tasks.py b/plugins/admin_user/tasks.py
index cfe001c..3a0471a 100644
--- a/plugins/admin_user/tasks.py
+++ b/plugins/admin_user/tasks.py
@@ -59,6 +59,15 @@ class DisableRootLogin(Task):
 	phase = phases.system_modification
 
 	def run(self, info):
-		from common.tools import sed_i
-		sshdconfig_path = os.path.join(info.root, 'etc/ssh/sshd_config')
-		sed_i(sshdconfig_path, 'PermitRootLogin yes', 'PermitRootLogin no')
+		from subprocess import CalledProcessError
+		from common.tools import log_check_call
+		try:
+			log_check_call(['/usr/sbin/chroot', info.root,
+			                '/usr/bin/dpkg-query', '-W', 'openssh-server'])
+			from common.tools import sed_i
+			sshdconfig_path = os.path.join(info.root, 'etc/ssh/sshd_config')
+			sed_i(sshdconfig_path, 'PermitRootLogin yes', 'PermitRootLogin no')
+		except CalledProcessError:
+			import logging
+			logging.getLogger(__name__).warn('The OpenSSH server has not been installed, '
+			                                 'not disabling SSH root login.')