Leaderboard

Thanks. I hadn't realized that "PasswordAuthentication" doesn't affect PAM authentication. I've always secured my machines by only allowing ssh access to accounts that I specifically configure. It's @drobbins call but I still think it's a bad idea to configure ssh by default on machines where novice users may believe that their physical console is the only vector for someone to attack their trivial password. There definitely should be some documentation in the install procedure for locking that down.