diff --git a/roles/ansible-os-hardening/tasks/pam.yml b/roles/ansible-os-hardening/tasks/pam.yml
index 103880ca..42a11a36 100644
--- a/roles/ansible-os-hardening/tasks/pam.yml
+++ b/roles/ansible-os-hardening/tasks/pam.yml
@@ -42,10 +42,6 @@
   file: path='{{tally2_path}}' state=absent
   when: (ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu') and not os_auth_pam_passwdqc_enable and os_auth_retries == 0
 
-- name: update pam
-  command: 'pam-auth-update --package'
-  when: (ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu')
-
 - name: remove pam_cracklib, because it does not play nice with passwdqc
   yum: name='{{os_packages_pam_cracklib}}' state=absent
   when: (ansible_distribution == 'RedHat' or ansible_distribution == 'Oracle Linux') and os_auth_pam_passwdqc_enable